ASA 5505 allow a range of public IPs to access a web server

Unanswered Question
Dec 2nd, 2009

Hi,

I need to allow a range of public ips to access our server on port 8881. I am stuck on how to add a pool to it.

Public IP xxx.xxx.xxx.190

Private IP server: 10.1.10.10

Range of publics IPs to allow: xxx.70.8.125 - xxx.70.8.146

So far I've done this:

Static NAT

Static (inside,outside) tcp xxx.xxx.xxx.190 8881 10.1.10.10 8881 netmask 255.255.255.255

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 12/02/2009 - 09:18

[email protected]

Hi,

I need to allow a range of public ips to access our server on port 8881. I am stuck on how to add a pool to it.

Public IP xxx.xxx.xxx.190

Private IP server: 10.1.10.10

Range of publics IPs to allow: xxx.70.8.125 - xxx.70.8.146

So far I've done this:

Static NAT

Static (inside,outside) tcp xxx.xxx.xxx.190 8881 10.1.10.10 8881 netmask 255.255.255.255

Well you could use an object-group ie.

object-group network publicips

network-object host xxx.70.8.125

network-object host xxx.70.8.126

.... etc

network-object host xxx.70.8.146

then use the object group in your acl ie.

access-list outside_in permit tcp object-group publicips host xxx.xxx.xxx.190 eq 8881

Jon

Actions

This Discussion