rohandast Sun, 10/25/2009 - 10:56

Would be pleased if you could pass me any reference link to know how to map the IP to Port

Kureli Sankar Sun, 10/25/2009 - 16:28

example:

let us say your public IPs are 10.10.10.1 and 10.10.10.2

Your inside or dmz webserver address is 192.168.1.1 and 192.168.1.2

You can map tcp port 80 between 10.10.10.1 and 192.168.1.1

and tcp 3389 between 10.10.10.2 and 192.168.1.2

static (i,o) tcp 10.10.10.1 80 192.168.1.1 80

static (i,o) tcp 10.10.10.2 3389 192.168.1.2 3389

Allow permission via access-list on the outside interface to allow port 80 to 10.10.10.1 and 3389 to 10.10.10.2

Here is the config. guide for static pat:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/cfgnat.html#wp1043281

rohandast Mon, 10/26/2009 - 13:25

Will this configuration may be applicable to ASA 5505 model. Please confirm

rohandast Fri, 10/30/2009 - 06:26

Can any one help to let me know how to conifgure the access-list on the below conditions

Allow permission via access-list on the outside interface to allow port 80 to 10.10.10.1 and 3389 to 10.10.10.2

Kureli Sankar Fri, 10/30/2009 - 07:00

access-list acl-out permit tcp any host 10.10.10.1 eq 80

access-list acl-out permit tcp any host 10.10.10.2 eq 3389

access-g access-l acl-out in int outside

provided outside is the name of your outside interface.

Actions

This Discussion