[c-nsp] NAT on Cisco ASA
Brian Morgan
bluedogs at gmail.com
Fri Apr 13 10:13:28 EDT 2012
On Thu, Apr 12, 2012 at 12:49 PM, Covalciuc Piotr <pkovalchuc at gmail.com> wrote:
> I know, the servers can communicate through local network (10.10.10.x).
> I'd like just to know if the communication between local servers can
> be established through NATed IP.
> If so, how it should be configured on ASA?
Good day Peter,
It is possible for this to work by using a technique called hair
pinning, the problem is that you may start getting strange behavior
with your inside network.
This feature was originally intended to allow vpn clients to
communicate to each other, but can be abused to perform the NATing
that you need.
Cisco has released a nice video tutorial on how to do this
http://www.youtube.com/watch?v=wjEfdfI0BqY and we have used this
technique in labs, but try not to use it for production networks.
Good Luck,
Brian
More information about the cisco-nsp
mailing list