Monday, August 26, 2019

Tricky NAT statement on Cisco ASA FW

Hello, I'm trying to figure out how to write a tricky NAT statement on my ASA firewall. This NAT statement must alter the source and destination of the packet and should work in both directions.

This NAT statement must look at specifically where the traffic is coming from and where it must go before it can make a decision to alter the packet with NAT. So it's source- and destination-specific.

Before entering firewall:

Let's say a packet with an IP address from the network 10.1.1.0/24 wants to go to the destination IP address 192.168.1.50 (website behind the firewall):

Once inside the Firewall:

I need this packet to have its source address turned into 10.50.0.50 and the destination turned into 1.1.1.1 (public IP of the website).

To recap:

Source is 10.1.1.0/24 before the firewall and must be turned into 10.50.0.50 once in the firewall and headed to its dest website.

Destination is 192.168.1.50 before the firewall and must be turned into 1.1.1.1 on the firewall headed to its destination website.

I need this NAT rule to work in both directions, so the return traffic must be put back to how it was once it passes the firewall and re-enters our network.

Running ASA 9.6.

Help greatly appreciated.
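What the post describes is twice NAT (manual NAT) on the ASA, which has been available since 8.3 and so exists on 9.6: a single `nat` statement that matches on both the real source and the real destination and rewrites both. The configuration below is an added example written for this post, not the poster's own config. The interface names `inside` and `outside` and all object names are assumptions; the addresses are the ones given in the post.

```cisco
! Added example, not from the original post. Interface names "inside" and
! "outside" and the object names are assumptions; adjust to the real ASA.
!
! Real and mapped source: the whole /24 is translated to one address, so
! this has to be dynamic (PAT), not static.
object network REAL_SRC_10_1_1_0
 subnet 10.1.1.0 255.255.255.0
object network MAPPED_SRC_10_50_0_50
 host 10.50.0.50
!
! Destination objects. In twice NAT the destination is written
! "mapped real": first the address the inside host actually sends to
! (192.168.1.50), then the address the packet must really reach (1.1.1.1).
object network MAPPED_DST_192_168_1_50
 host 192.168.1.50
object network REAL_DST_1_1_1_1
 host 1.1.1.1
!
! Manual NAT (section 1, evaluated before any object/auto NAT). It matches
! only when the source is in 10.1.1.0/24 AND the destination is
! 192.168.1.50; anything else falls through to the remaining NAT rules.
nat (inside,outside) source dynamic REAL_SRC_10_1_1_0 MAPPED_SRC_10_50_0_50 destination static MAPPED_DST_192_168_1_50 REAL_DST_1_1_1_1
!
! Verification (exec mode). The packet-tracer line uses a constructed
! source host and port from the 10.1.1.0/24 range.
! show nat detail
! packet-tracer input inside tcp 10.1.1.10 12345 192.168.1.50 443
```

On "both directions": with `source dynamic` the ASA builds an xlate and connection entry when an inside host opens a connection, and reply packets from 1.1.1.1 to 10.50.0.50 are untranslated back to 192.168.1.50 and the original 10.1.1.x host automatically, which is what the post asks for. What dynamic PAT cannot do is let 1.1.1.1 initiate a new connection toward 10.1.1.0/24, because a single mapped address does not identify which of the 254 real hosts it should reach; that would need a `source static` one-to-one mapping instead. `show nat detail` shows the translate_hits and untranslate_hits counters for the rule, and `packet-tracer` reports the NAT phase with the rewritten source and destination so the rule can be checked before any host traffic is sent.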


