top of page
This site was designed with the
.com
website builder. Create your website today.Start Now

Static NAT Example: 

Src: 1.1.1.1

Dst: 2.2.2.2

Dst needs to xlate to 10.2.2.2

Step1. NAT 

nat (jump_servers,outside) source static H_10.2.2.2 H_2.2.2.2 destination static h_1.1.1.1 h_1.1.1.1

Note: technically, the traffic comes in from outside interface,

but you can write the NAT statement backward like in this example

 

Step2. ACL

 

access-list outside_access_in extended permit ip host H_1.1.1.1 object H_10.2.2.2

#The dst would be the real IP 10.2.2.2, NOT public IP 2.2.2.2


access-list jump_servers_access_in extended permit ip object H_10.1.1.1 host H_1.1.1.1 

#You also want to write a ACL for return traffic, note the return

src IP would be the real IP as opposed to the real dst IP.

To re-arrange NAT statement order: 

Copy and paste the NAT statements on a notepad!

Object NAT Example: 

 object network network_object_10.128.96.1

    nat (web,outside) static 8.36.117.1

object network Net_10.128.64.0-1

   nat (web,outside) dynamic interface

Identity NAT (no NAT) Example: 

nat (inside,outside) 1 source static encry_local encry_local destination static encry_remote encry_remote

bottom of page