Filter
Top Products
30-15
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 30 Configuring Network Object NAT
Configuration Examples for Network Object NAT
Configuration Examples for Network Object NAT
This section includes the following configuration examples:
• Providing Access to an Inside Web Server (Static NAT), page 30-15
• NAT for Inside Hosts (Dynamic NAT) and NAT for an Outside Web Server (Static NAT), page 30-16
• Inside Load Balancer with Multiple Mapped Addresses (Static NAT, One-to-Many), page 30-17
• Single Address for FTP, HTTP, and SMTP (Static NAT-with-Port-Translation), page 30-18
• DNS Server on Mapped Interface, Web Server on Real Interface (Static NAT with DNS
Modification), page 30-19
• DNS Server and Web Server on Mapped Interface, Web Server is Translated (Static NAT with DNS
Modification), page 30-21
Providing Access to an Inside Web Server (Static NAT)
The following example performs static NAT for an inside web server. The real address is on a private
network, so a public address is required. Static NAT is necessary so hosts can initiate traffic to the web
server at a fixed address. (See Figure 30-1).
Figure 30-1 Static NAT for an Inside Web Server
Step 1 Create a network object for the internal web server:
hostname(config)# object network myWebServ
Step 2 Define the web server address:
hostname(config-network-object)# host 10.1.2.27
Outside
Inside
10.1.2.1
209.165.201.1
Security
Appliance
myWebServ
10.1.2.27
209.165.201.12
10.1.2.27 209.165.201.10
248772
Undo Translation