user manual

3-17
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 3 Information About NAT (ASA 8.3 and Later)
How NAT is Implemented
Twice NAT also lets you use service objects for static NAT with port translation; network object NAT
only accepts inline definition.
To start configuring twice NAT, see Chapter 5, “Configuring Twice NAT (ASA 8.3 and Later).
Figure 3-14 shows a host on the 10.1.2.0/24 network accessing two different servers. When the host
accesses the server at 209.165.201.11, the real address is translated to 209.165.202.129. When the host
accesses the server at 209.165.200.225, the real address is translated to 209.165.202.130. (See the
“Single Address for FTP, HTTP, and SMTP (Static NAT-with-Port-Translation)” section on page 4-33
for details on how to configure this example.)
Figure 3-14 Twice NAT with Different Destination Addresses
Server 1
209.165.201.11
Server 2
209.165.200.225
DMZ
Inside
10.1.2.27
10.1.2.0/24
130039
209.165.201.0/27 209.165.200.224/27
Translation
209.165.202.12910.1.2.27
Translation
209.165.202.13010.1.2.27
Packet
Dest. Address:
209.165.201.11
Packet
Dest. Address:
209.165.200.225