Cisco ASA Series Cli Configuration Manual page 758
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
NAT in Routed and Transparent Mode
Figure 1-10
Source Addr Translation
10.1.1.75
1.
When the inside host at 10.1.1.75 sends a packet to a web server, the real source address of the
packet, 10.1.1.75, is changed to a mapped address, 209.165.201.15.
2.
When the server responds, it sends the response to the mapped address, 209.165.201.15, and the
ASA receives the packet because the upstream router includes this mapped network in a static route
directed to the ASA management IP address. See the
page 1-19
3.
The ASA then undoes the translation of the mapped address, 209.165.201.15, back to the real
address, 10.1.1.1.75. Because the real address is directly-connected, the ASA sends it directly to the
host.
4.
For host 192.168.1.2, the same process occurs, except for returning traffic, the ASA looks up the
route in its routing table and sends the packet to the downstream router at 10.1.1.3 based on the ASA
static route for 192.168.1.0/24. See the
Networks" section on page 1-21
Cisco ASA Series CLI Configuration Guide
1-12
NAT Example: Transparent Mode
www.example.com
Internet
209.165.201.15
10.1.1.2
10.1.1.75
10.1.1.3
192.168.1.1
Network 2
for more information about required routes.
for more information about required routes.
Static route on router:
Dest: 209.165.201.0/27 send to 10.1.1.1
Static route on ASA:
Dest: 192.168.1.0/24 send to 10.1.1.3
Management IP
10.1.1.1
ASA
Source Addr Translation
192.168.1.2
192.168.1.2
"Mapped Addresses and Routing" section on
"Transparent Mode Routing Requirements for Remote
Chapter 1
Information About NAT
209.165.201.10
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
