Cisco ASA 5505 User Manual

Page 612

Advertising
background image

31-6

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 31 Configuring Twice NAT

Configuring Twice NAT

Step 5

(Optional)

object service

obj_name

service

{tcp | udp} destination

operator port

Example:

hostname(config)# object service REAL_SVC

hostname(config-service-object)# service

tcp destination eq 80

hostname(config)# object service

MAPPED_SVC

hostname(config-service-object)# service

tcp destination eq 8080

Configure service objects for:

Destination real port

Destination mapped port

Dynamic NAT does not support port translation. However,
because the destination translation is always static, you can
perform port translation for the destination port. A service object
can contain both a source and destination port, but only the
destination port is used in this case. If you specify the source port,
it will be ignored. NAT only supports TCP or UDP. When
translating a port, be sure the protocols in the real and mapped
service objects are identical (both TCP or both UDP). For identity
NAT, you can use the same service object for both the real and
mapped ports. The “not equal” (neq) operator is not supported.

Command

Purpose

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals