Solved

NAT based on destination

Posted on 2013-12-12
3
325 Views
Last Modified: 2013-12-13
I have a partner web site that seems to not cope with with multiple users coming to it from our same source PAT public IP address.  It there a way to tell the ASA to use a specific NAT pool if they are trying to go to a particular address?
0
Comment
Question by:amigan_99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 22

Expert Comment

by:Jody Lemoine
ID: 39717429
Usually a static NAT entry is used in this scenario. Static NAT is bidirectional and will supersede your overloaded NAT for traffic to/from the addresses in question.
0
 
LVL 22

Accepted Solution

by:
Jody Lemoine earned 500 total points
ID: 39717514
Sorry. Misread.

If you want to change pools based on destination, you can do it like this:

access-list acl-pool-1 permit ip any x.x.x.x y.y.y.y
access-list acl-pool-default permit ip any any

nat (inside) 1 access-list acl-pool-1
nat (inside) 10 access-list acl-pool-default
global (outside) 1 a.a.a.a  m.m.m.m
global (outside) 10 a.a.a.b  m.m.m.m

If you define your destination in acl-pool-1, it will use pool 1 and everything else will use pool 10.
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 39718271
This is great.  I am dealing with a dinosaur government agency whom is not dealing with multiple clients coming from a single PAT.  Arrgh.  :-)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question