[c-nsp] NAT on Cisco ASA
Covalciuc Piotr
pkovalchuc at gmail.com
Fri Apr 13 09:04:39 EDT 2012
Thank you for your reply.
The "dns" keyword can help if the servers use external DNS server
(DNS-queries goes via ASA).
But, what if the servers uses local DNS server, in the same subnet?
One of the solution can be to change the local DNS records to point to
local IPs instead of external.
But, I'd like to know if it possible to do it on ASA. Maybe some kind of NAT...
Thanks,
Peter
On Thu, Apr 12, 2012 at 12:49h PM, Covalciuc Piotr <pkovalchuc at gmail.com> wrote:
> Hello,
>
> We have a Cisco ASA with 2 interfaces:
>
> ___int.1___
> | ASA |
> -----int.2-----
> / \
> / \
> SRV1 SRV2
>
>
> ASA, int1: 172.16.10.1
> ASA, int2: 10.10.10.1
> SRV1: 10.10.10.101
> SRV2: 10.10.10.102
>
> on ASA we have a NAT
> nat (int1,int2) source static any any destination static 172.16.10.100
> 10.10.10.102
>
> The access from the network on int.1 (172.16.10.0) to SRV2 by NATed IP
> (172.16.10.100) work fine.
> But the access from SRV1 (10.10.10.101) to to SRV2 by NATed IP
> (172.16.10.100) doesn't work (timeout).
>
> I know, the servers can communicate through local network (10.10.10.x).
> I'd like just to know if the communication between local servers can
> be established through NATed IP.
> If so, how it should be configured on ASA?
>
> Thanks,
> Peter
More information about the cisco-nsp
mailing list