33-19
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 33 Configuring Network Object NAT (ASA 8.3 and Later)
Configuration Examples for Network Object NAT
• Show Graphs—Click to display a new or updated graph window.
Configuration Examples for Network Object NAT
This section includes the following configuration examples:
• Providing Access to an Inside Web Server (Static NAT), page 33-19
• NAT for Inside Hosts (Dynamic NAT) and NAT for an Outside Web Server (Static NAT), page 33-21
• Inside Load Balancer with Multiple Mapped Addresses (Static NAT, One-to-Many), page 33-26
• Single Address for FTP, HTTP, and SMTP (Static NAT-with-Port-Translation), page 33-30
• DNS Server on Mapped Interface, Web Server on Real Interface (Static NAT with DNS
Modification), page 33-33
• DNS Server and Web Server on Mapped Interface, Web Server is Translated (Static NAT with DNS
Modification), page 33-36
Providing Access to an Inside Web Server (Static NAT)
The following example performs static NAT for an inside web server. The real address is on a private
network, so a public address is required. Static NAT is necessary so hosts can initiate traffic to the web
server at a fixed address. (See Figure 33-1).
Figure 33-1 Static NAT for an Inside Web Server
Step 1 Create a network object for the internal web server:
Outside
Inside
10.1.2.1
209.165.201.1
Security
Appliance
myWebServ
10.1.2.27
209.165.201.12
10.1.2.27 209.165.201.10
248772
Undo Translation