Configuration examples for network object nat – Cisco ASA 5505 User Manual

Page 597

background image

30-15

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 30 Configuring Network Object NAT

Configuration Examples for Network Object NAT

Configuration Examples for Network Object NAT

This section includes the following configuration examples:

•

Providing Access to an Inside Web Server (Static NAT), page 30-15

•

NAT for Inside Hosts (Dynamic NAT) and NAT for an Outside Web Server (Static NAT), page 30-16

•

Inside Load Balancer with Multiple Mapped Addresses (Static NAT, One-to-Many), page 30-17

•

Single Address for FTP, HTTP, and SMTP (Static NAT-with-Port-Translation), page 30-18

•

DNS Server on Mapped Interface, Web Server on Real Interface (Static NAT with DNS
Modification), page 30-19

•

DNS Server and Web Server on Mapped Interface, Web Server is Translated (Static NAT with DNS
Modification), page 30-21

Providing Access to an Inside Web Server (Static NAT)

The following example performs static NAT for an inside web server. The real address is on a private
network, so a public address is required. Static NAT is necessary so hosts can initiate traffic to the web
server at a fixed address. (See

).

Figure 30-1

Static NAT for an Inside Web Server

Step 1

Create a network object for the internal web server:

hostname(config)# object network myWebServ

Step 2

Define the web server address:

hostname(config-network-object)# host 10.1.2.27

Outside

Inside

10.1.2.1

209.165.201.1

Security
Appliance

myWebServ
10.1.2.27

209.165.201.12

10.1.2.27

209.165.201.10

24

8

772

Undo Translation

This manual is related to the following products:

ASA 5585-X ASA 5555-X ASA 5545-X ASA 5525-X ASA 5515-X ASA 5512-X ASA 5580 ASA 5550 ASA 5540 ASA 5520 ASA 5510 ASA 5500 Series