01-05-2010 12:46 PM - edited 03-11-2019 09:53 AM
Hello
I would like to get a second opinion if the below config will work on Cisco PIX or ASA on 7.0 version. Basically configuring the port forwarding to different servers on a LAN on port www on different public IPs
route outside 0.0.0.0 0.0.0.0 11.12.13.14 |
Thank you
Solved! Go to Solution.
01-05-2010 02:29 PM
Hi,
This configuration will work fine.
You're redirecting web port 80 traffic when it hits IP 11.12.13.10 to internal IP 10.0.5.12 and also redirecting www when it hits IP 11.12.13.11 to 10.0.5.22
Just make sure that DNS is configured correctly to resolve the correct IPs and that web traffic reaching 11.12.13.10 is really intended for 10.0.5.12 and web traffic reaching 11.12.13.11 is really intended for 10.0.5.22
Let me know.
Federico.
01-05-2010 02:36 PM
If your goal is to forward TCP port 80 for 11.12.13.10 to 10.0.5.12 and 11.12.13.11 to 10.0.5.22 then this should work fine.
If using ASA code 7.2(1) and above you can use the packet tracer command to test your configs.
packet-tracer input [src_int] protocol src_addr src_port dest_addr dest_port [detailed] [xml]
packet-tracer input outside tcp 4.1.1.1 1024 11.12.13.10 80 detailed
packet-tracer input outside tcp 4.1.1.1 1024 11.12.13.11 80 detailed
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/p.html#wp1878788
01-06-2010 08:42 PM
For the packet-tracer instead of CLI you can also use your ASDM (above 7.2(x) ).
Just access your ASA using ASDM, --> rollover TOOLS--> Click on packet-tracer and set the packet parameters you want to simulate.
HTH
Vijaya
01-05-2010 02:29 PM
Hi,
This configuration will work fine.
You're redirecting web port 80 traffic when it hits IP 11.12.13.10 to internal IP 10.0.5.12 and also redirecting www when it hits IP 11.12.13.11 to 10.0.5.22
Just make sure that DNS is configured correctly to resolve the correct IPs and that web traffic reaching 11.12.13.10 is really intended for 10.0.5.12 and web traffic reaching 11.12.13.11 is really intended for 10.0.5.22
Let me know.
Federico.
01-07-2010 06:24 AM
I appreciate all your responses. I tested it and and worked. Thank you
01-05-2010 02:36 PM
If your goal is to forward TCP port 80 for 11.12.13.10 to 10.0.5.12 and 11.12.13.11 to 10.0.5.22 then this should work fine.
If using ASA code 7.2(1) and above you can use the packet tracer command to test your configs.
packet-tracer input [src_int] protocol src_addr src_port dest_addr dest_port [detailed] [xml]
packet-tracer input outside tcp 4.1.1.1 1024 11.12.13.10 80 detailed
packet-tracer input outside tcp 4.1.1.1 1024 11.12.13.11 80 detailed
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/p.html#wp1878788
01-06-2010 08:42 PM
For the packet-tracer instead of CLI you can also use your ASDM (above 7.2(x) ).
Just access your ASA using ASDM, --> rollover TOOLS--> Click on packet-tracer and set the packet parameters you want to simulate.
HTH
Vijaya
01-06-2010 11:02 PM
Hi,
Configuring Port forwarding in cisco PIX/ASA check out the below link hope this help out your query !!
http://i.i.com.com/cnwk.1d/i/tr/downloads/home/1587052148_chapter_5.pdf
Regards
Ganesh.H
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide