Cisco NAT

ASA static and dynamic NAT combined Some clarification.

 · 1 min read


object network 192.168.101.152
nat (inside,outside) static 2.2.2.3

( Static will always take precedence of dynamic. So the above one will take effect )

object network 192.168.101.0
nat (inside,outside) dynamic interface  ( 2.2.2.2 )


object network 192.168.101.101
nat (inside,outside) static 2.2.2.3 service tcp https https

( The above one is more specific because it involves port. Also, https is destination port. So inbound traffic will take this route, not the first one )


192.168.101.20 -> 8.8.8.8 port 443 (dynamic pat)
8.8.8.8 -> 192.168.101.20 p[ort 443 (static https)

192.168.101.21 -> 8.8.8.8 port 443 (specific static nat 2.2.2.3)
8.8.8.8.8 -> 2.2.2.3 80 (192.168.101.21)

192.168.101.22 -> 8.8.8.8 port 443 (it will take the connection from 21, and build a new session)
This statement is not recommended, because one-to-one nat can be with only one IP, unless port is not specified )




Cloud support

Cloud support team provides hosting related support and technology updates. Cover technology like cloud printing, Cloud PBAX, VoIP, Kubernetes, Ubuntu, Linux etc. Contact us on support@ERPGulf.com

No comments yet

No comments yet. Start a new discussion.

Add Comment