[c-nsp] NAT on Cisco ASA

krunal shah krun.shah at gmail.com
Thu Apr 12 15:41:08 EDT 2012


Since server 1 and server 2 both are in same subnet the ARP entry for each
server resolves to each server's MAC address so you cannot do this via
going thru the firewall unless you put another ASA inline between server 1
and server 2 and make it in bridge mode.

OR try statically put ARP entry on server 2 point to ASA MAC address for
10.10.10.1 and vise versa.

Krunal


On Thu, Apr 12, 2012 at 12:59 PM, Ryan West <rwest at zyedge.com> wrote:

> On Thu, Apr 12, 2012 at 12:49:47, Covalciuc Piotr wrote:
> > Subject: [c-nsp] NAT on Cisco ASA
> > I know, the servers can communicate through local network (10.10.10.x).
> > I'd like just to know if the communication between local servers can
> > be established through NATed IP.
> > If so, how it should be configured on ASA?
> >
>
> Are you connecting to the NAT'd IP because of a public DNS record?  If so,
> you could do a DNS rewrite to provide the local IP address when you query
> for the public.  Just add the 'dns' keyword to the end of the statement.
>
> -ryan
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list