Single Public IP Address Problem With ASA 5505

Unanswered Question
Jun 15th, 2010
User Badges:

Hi,


I normally setup my PIX and ASAs when the ISP has issued a range of public IPs, e.g. 5, 8 or 13.

One of these is normally bound to the outside interface and another set aside for smtp email.


The problem I have is that one of my clients are in a serviced office and they only allow ONE public IP.

I'm having difficulty getting my default config to work with just a single outside IP.

The "static" command is returning an error like below.


ERROR: Static PAT using the interface requires the use of the 'interface' keyword instead of the interface IP address.


The line I'm attempting to load is something like the below.

static (inside,outside) tcp OUTSIDE-IP smtp SBS smtp netmask 255.255.255.255


The error returned suggests that I use just the "interface" keyword instead of the IP or name.

Will this work ?


Thanks.

Steve.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
stephenwilletts Wed, 06/16/2010 - 02:01
User Badges:

Hi,,

Thank you for this, I will give it a try.

I also need to use the same line for https but it complains about this line.

I think it may be clashing with the ASDM on port 443.

Is there a way around this ?


Thanks.

S.

Federico Coto F... Thu, 06/17/2010 - 07:27
User Badges:
  • Green, 3000 points or more

You can configure ASDM to ''listen'' on another port, if you need to redirect HTTPS.


Federico.

Kureli Sankar Thu, 06/17/2010 - 23:38
User Badges:
  • Cisco Employee,

Steve,


1. you need to change asdm port


command: "http server enable 5443"  ------> change port 443 to 5443 or  another number like 4443.


Once done you should use https://ip_address:5443 to access asdm.


2. Once the above is done then you can add these two lines.


static (inside,outside) tcp interface smtp SBS smtp netmask 255.255.255.255

static (inside,outside) tcp interface https SBS https netmask 255.255.255.255


-KS

Actions

This Discussion