SA 520: connecting different public ip's to different private ip's

Unanswered Question
Apr 7th, 2010

Hello

I have Cisco SA 520 recieving http-trafic to different public ip addressses needing to be forwarded to different private ip's. I have tried to use "Networking-> Optional port-> Protocol Bindings" but no success.

example:

www.pages at wan public ip 123.123.123.3 -> port 80 -> forward to private ip 10.10.10.45

www pages at wan public ip 123.123.123 4 -> port 80 -> forward to private ip 10.10.10.62

Protocol binding configuration:

service = http;  local gateway = dedicated lan; source network start single address= 123.123.123.3; Destination network Start Single address; 10.10.10.45

I have made the firewall rules.

SA 520's dedicated wan address is 123.123.123.2/255.255.255.224 gw 123.123.123.1.

I have only Dedicated wan in use. Firmware version is 1.1.21

Vellu

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rshao Wed, 04/21/2010 - 16:06

It looks like you are trying to do 1:1 NATing.

With SA500, you can achieve tihs by using IP Aliasing and then defining the mapping under IPv4 Rules.

Under the WAN > IP Alias, you create the IP aliasing to associates your public IP addresses (123.123.123.3 and .4) with your WAN interface.

Then under Firewall > IPv4 Rules, define a firewall rules for insecure zone to secure zone direction and to allow http (80) servcie.

To map the priviate IP addresses (10.10.10.45 and .62), under the "Destination NAT settings" enter the private IP address in the Internal IP address field.

In the external IP address field, select the IP alias (which is your external IP address) you define earlier.

The SA500 admin guide below under "Configuring a Firewall Rule for Inbound Traffic" has some more information about the meaning of the field.

http://www.ciscosystems.com.ro/en/US/products/ps9932/prod_maintenance_guides_list.html

Hopefully this helps!

Cheers,

Richard

Actions

This Discussion