rohandast Sun, 10/25/2009 - 10:56
User Badges:

Would be pleased if you could pass me any reference link to know how to map the IP to Port

Kureli Sankar Sun, 10/25/2009 - 16:28
User Badges:
  • Cisco Employee,

example:

let us say your public IPs are 10.10.10.1 and 10.10.10.2


Your inside or dmz webserver address is 192.168.1.1 and 192.168.1.2


You can map tcp port 80 between 10.10.10.1 and 192.168.1.1


and tcp 3389 between 10.10.10.2 and 192.168.1.2


static (i,o) tcp 10.10.10.1 80 192.168.1.1 80


static (i,o) tcp 10.10.10.2 3389 192.168.1.2 3389


Allow permission via access-list on the outside interface to allow port 80 to 10.10.10.1 and 3389 to 10.10.10.2


Here is the config. guide for static pat:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/cfgnat.html#wp1043281


rohandast Mon, 10/26/2009 - 13:25
User Badges:

Will this configuration may be applicable to ASA 5505 model. Please confirm

rohandast Fri, 10/30/2009 - 06:26
User Badges:

Can any one help to let me know how to conifgure the access-list on the below conditions


Allow permission via access-list on the outside interface to allow port 80 to 10.10.10.1 and 3389 to 10.10.10.2


Kureli Sankar Fri, 10/30/2009 - 07:00
User Badges:
  • Cisco Employee,

access-list acl-out permit tcp any host 10.10.10.1 eq 80

access-list acl-out permit tcp any host 10.10.10.2 eq 3389


access-g access-l acl-out in int outside


provided outside is the name of your outside interface.


Actions

This Discussion