Traffic inspection & forwarding

Answered Question
Dec 12th, 2007

Not entirely sure how to approach this.

We have a need to direct traffic from the internet to a single public IP to different destinations internally solely based on the port (and more securely the type of traffic).

Can the ASA (5510 (v. 7.2(2)) accomplish this?

For example:

incoming TCP 25 traffic to public IP 21.21.52.12 gets directed to a SPAM filter with an internal IP of 192.168.66.1 while traffic to the same public IP on port TCP 80 TCP 443 and TCP 1352 is directed to a server with an internal IP of 192.168.45.5.

I have this problem too.
0 votes
Correct Answer by acomiskey about 9 years 1 month ago

static (inside,outside) tcp 21.21.52.12 25 192.168.66.1 25 netmask 255.255.255.255

static (inside,outside) tcp 21.21.52.12 80 192.168.45.5 25 netmask 255.255.255.255

static (inside,outside) tcp 21.21.52.12 443 192.168.45.5 443 netmask 255.255.255.255

static (inside,outside) tcp 21.21.52.12 1352 192.168.45.5 1352 netmask 255.255.255.255

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
acomiskey Wed, 12/12/2007 - 09:31

static (inside,outside) tcp 21.21.52.12 25 192.168.66.1 25 netmask 255.255.255.255

static (inside,outside) tcp 21.21.52.12 80 192.168.45.5 25 netmask 255.255.255.255

static (inside,outside) tcp 21.21.52.12 443 192.168.45.5 443 netmask 255.255.255.255

static (inside,outside) tcp 21.21.52.12 1352 192.168.45.5 1352 netmask 255.255.255.255

bsisco Wed, 12/12/2007 - 09:34

Thanks!! I should have known that and something tells me I should feel start feeling dumb now ;)

Actions

This Discussion