Server with hardcoded global IP needs to go behind ASA

Unanswered Question
Sep 28th, 2009

I have a server that needs two nic's, a public address on one and a private/inside IP on the other. The server needs to have a public IP since the application is hardcoded to use it. Obviously, it is not secure to have a public ip of a server on the outside of the ASA. I'm trying to find a way to put it behind the ASA but keep the public address. If they had two public ranges this would't be a problem. Does any one have any ideas? I'm basiclly trying to figure a way around the fact that there can not be two interfaces with the same ip range.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
platinum_jem Mon, 09/28/2009 - 20:15

You can try assigning a small /30 subnet from your public IPs using one of your ASA interface and connecting it to the 'Public'.

That way you can make use of a public IP for your server and connect it to this interface.

As for routing wise, set your default route via the 'Public' interface and static routes individually for the internal LANs.


This Discussion