07-24-2007 11:49 AM - edited 03-11-2019 03:48 AM
Can it be done? I tried to split the IP into ports using static (dmz,outside)tcp external www internal www
ACL works as I tried it with a 1:1 translation, but doesnt with I try it this way. Is there an alternative? The company is short a public IP and needs to have it working this way.
07-24-2007 02:26 PM
You can configure port redirection to forward traffic based on global IP & port to the appropriate interval server. Here's a small example.
static (dmz,outside) tcp 209.165.201.5 smtp 10.1.1.6 smtp netmask 255.255.255.255
static (dmz,outside) tcp 209.165.201.5 www 10.1.1.3 www netmask 255.255.255.255
HTH
Sundar
07-25-2007 05:06 AM
HI, When I posted this, the static translations weren't working. After I posted I blew them away and re-entered them one at a time and tested them and they started working. I had them done correctly, but for some odd reason they just refused to work, but work now that I redid them.
07-24-2007 02:29 PM
Hi,
static (dmz,outside)tcp external www internal www
This should work fine, make sure you also include ports in ACL like following example:
access-list 101 permit tcp any host external eq www
access-group 101 in interface outside
Also ports for 2 ip addresses should be different.
Hope this helps.
Regards
Rohit
07-24-2007 09:24 PM
Try below command it works
1. Connects outside X.X.X.X on service 8080 to Internal Y.Y.Y.Y on service WWW.
-->(config)# static (inside,outside) tcp X.X.X.X 8080 Y.Y.Y.Y www netmask
255.255.255.255
2. Redirect Telnet requests for X.X.X.X to Y.Y.Y.Y by entering the following command:
--> config)# static (inside,outside) tcp X.X.X.X telnet Y.Y.Y.Y telnet netmask
255.255.255.255
Hope this will help
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: