Hi Merlo,
My understanding is that you do not want the ports to translate for the bi-directional traffic but only the IP's to translate such as:
Source IP 10.10.12.50 (TRUST) to translate to 195.24.23.19 (UNTRUST) for TRUST->UNTRUST when traffic initiated from 10.10.12.50 to ANY destination.
Also when traffic initiated from any Random Source in Untrust to 195.24.23.19 (UNTRUST) to be translated to Source IP 10.10.12.50(TRUST) without any port translation.
If the above is the requirement, a STATIC NAT perfectly works. A combination of SRC NAT and DST NAT is also possible at the same time. Let me know if my understanding is correct. Otherwise, request you to correct me.
Regards,
Pradeep.
↧