ASA send traffic out specific IP

Posted on 2011-10-13
Last Modified: 2012-05-12
Our company has an ASA router that has 9 IP addresses on it. This is my first experience with ASA and all I can say is, "Wow! this is not the normal Cicso command language"

I didn't set this router up and because of my lack of knowledge pertaining to ASA I've been using ASDM and it has served it's purpose up to this point.

Currently all of our traffic is sending out through I want our mail server to send out through I know that this IP address is working on the wan interface because we receive our emails on the 182 address. When I do a show interfaces it only shows the 181 ip address on the wan interface. I've browsed all through the ASDM and can't find any mention of the 8 other IP addresses that are currently routing traffic our mailservers, webservers, etc... The only place that these IP addresses show up is in the running config is as an Object-Group:

object-group network DM_INLINE_NETWORK_1
   network-object host
   network-object host
   network-object host
   network-object host
   network-object host
   network-object host
   network-object host
   network-object host

This is all probably normal, but I'm a novice at this stuff.

I set NAT policies to route inbound traffic to our servers that host public services all the time using ASDM. But, configuring the router to send traffic out a specific wan IP when the traffic is coming from a specific server's IP has got me stumped.

Question by:David11011
    LVL 10

    Accepted Solution

    The other Ip addresses will show as network objects.  is three a specific reason you want to send mail thorugh this address/  You can always create a static route.  that hos only been successful for me if I want to send email of web only traffic through a different ISP
    LVL 33

    Assisted Solution

    >> When I do a show interfaces it only shows the 181 ip address on the wan

    That's correct.  The SHOW INT on the asa will show you the currently assigned ASA interfaces.      The other IPs you have available can be used for 1 to 1 static NATs or port forwards.  

    For mail, you would usually do a 1 to 1 static nat (basically a port forward of all ports).  

    When you assign a static NAT, all traffic is sent outbound on that IP.   Any traffic coming into the ASA on that IP will be forwarded into the internal host (if the ACL allows it).  

    This will give you an idea of how to do a NAT in post 8.3 code.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
    Cisco Pix/ASA hairpinning The term, hairpinning, comes from the fact that the traffic comes from one source into a router or similar device, makes a U-turn, and goes back the same way it came. Visualize this and you will see something that looks …
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now