28-28
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 28 Configuring Twice NAT
Configuration Examples for Twice NAT
Different Translation Depending on the Destination Address and Port (Dynamic
PAT)
Figure 28-55 shows the use of source and destination ports. The host on the 10.1.2.0/24 network accesses
a single host for both web services and Telnet services. When the host accesses the server for web
services, the real address is translated to 209.165.202.129:port. When the host accesses the same server
for Telnet services, the real address is translated to 209.165.202.130:port.
Figure 28-55 Twice NAT with Different Destination Ports
Step 1 Add a NAT rule for traffic from the inside network to the Telnet server:
Figure 28-56 Adding a NAT Rule
By default, the NAT rule is added to the end of section 1. If you want to add a NAT rule to section 3,
after the network object NAT rules, choose Add NAT Rule After Network Object NAT Rules.
Web and Telnet server:
209.165.201.11
Internet
Inside
Translation
209.165.202.12910.1.2.27:80
10.1.2.27
10.1.2.0/24
Translation
209.165.202.13010.1.2.27:23
Web Packet
Dest. Address:
209.165.201.11:80
Telnet Packet
Dest. Address:
209.165.201.11:23
130040
To Next Page
Loading...
