asa static nat with only one public ip

Answered Question
Sep 15th, 2007
User Badges:

hi netpros,


customer is using asa 5510 to connect to the internet via pppoe with one public ip on the outside interface (assigned through pppoe - static ip address).


he now wants to publish his webserver through this ip adress. webserver is on a private subnet behind the asa.


when trying to configure static nat, all request are denied with message 710003.

so the asa thinks the traffic is sent to it directly and the nat rule seems not be applied.


is this nat config with one public ip address on the outside interface generally possible?


thanks in advance.


best regards


juergen

Correct Answer by a.alekseev about 9 years 7 months ago

http://cisco.com/en/US/docs/security/asa/asa72/configuration/guide/pppoe.html


nat (inside) 1 0 0

global (outside) 1 interface

static (inside,outside) tcp interface 80 192.168.0.10 80

access-list OUTSIDE-IN permit tcp any any eq 80

access-group OUTSIDE-IN int outside

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
bauer.juergen Sat, 09/15/2007 - 03:17
User Badges:

thanks, its working.

tried to to this through asdm but it did not work when using the public ip in the "translated adress" field. now i can see "(Interface IP)" in this field.


thanks for the fast response and best regards


juergen

Actions

This Discussion