Port mapping for two public IP

rohandast · ‎10-24-2009

We have ASA 5505. Is it possible to Port map two public IP from ADSL connection to Internal network. We already have one IP mapped.

Kureli Sankar · ‎10-25-2009

Yes it is possible.

rohandast · ‎10-25-2009

Would be pleased if you could pass me any reference link to know how to map the IP to Port

Kureli Sankar · ‎10-25-2009

example:

let us say your public IPs are 10.10.10.1 and 10.10.10.2

Your inside or dmz webserver address is 192.168.1.1 and 192.168.1.2

You can map tcp port 80 between 10.10.10.1 and 192.168.1.1

and tcp 3389 between 10.10.10.2 and 192.168.1.2

static (i,o) tcp 10.10.10.1 80 192.168.1.1 80

static (i,o) tcp 10.10.10.2 3389 192.168.1.2 3389

Allow permission via access-list on the outside interface to allow port 80 to 10.10.10.1 and 3389 to 10.10.10.2

Here is the config. guide for static pat:

rohandast · ‎10-26-2009

Will this configuration may be applicable to ASA 5505 model. Please confirm

Panos Kampanakis · ‎10-26-2009

Yes kusankar's example can be used on a 5505.

PK

rohandast · ‎10-30-2009

Can any one help to let me know how to conifgure the access-list on the below conditions

Allow permission via access-list on the outside interface to allow port 80 to 10.10.10.1 and 3389 to 10.10.10.2

Kureli Sankar · ‎10-30-2009

access-list acl-out permit tcp any host 10.10.10.1 eq 80

access-list acl-out permit tcp any host 10.10.10.2 eq 3389

access-g access-l acl-out in int outside

provided outside is the name of your outside interface.