cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
442
Views
0
Helpful
2
Replies

asa static nat with only one public ip

bauer.juergen
Level 1
Level 1

hi netpros,

customer is using asa 5510 to connect to the internet via pppoe with one public ip on the outside interface (assigned through pppoe - static ip address).

he now wants to publish his webserver through this ip adress. webserver is on a private subnet behind the asa.

when trying to configure static nat, all request are denied with message 710003.

so the asa thinks the traffic is sent to it directly and the nat rule seems not be applied.

is this nat config with one public ip address on the outside interface generally possible?

thanks in advance.

best regards

juergen

1 Accepted Solution

Accepted Solutions

a.alekseev
Level 7
Level 7

http://cisco.com/en/US/docs/security/asa/asa72/configuration/guide/pppoe.html

nat (inside) 1 0 0

global (outside) 1 interface

static (inside,outside) tcp interface 80 192.168.0.10 80

access-list OUTSIDE-IN permit tcp any any eq 80

access-group OUTSIDE-IN int outside

View solution in original post

2 Replies 2

a.alekseev
Level 7
Level 7

http://cisco.com/en/US/docs/security/asa/asa72/configuration/guide/pppoe.html

nat (inside) 1 0 0

global (outside) 1 interface

static (inside,outside) tcp interface 80 192.168.0.10 80

access-list OUTSIDE-IN permit tcp any any eq 80

access-group OUTSIDE-IN int outside

thanks, its working.

tried to to this through asdm but it did not work when using the public ip in the "translated adress" field. now i can see "(Interface IP)" in this field.

thanks for the fast response and best regards

juergen

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: