01-09-2014 06:52 AM - edited 03-11-2019 08:27 PM
I need to create a static nat rule that allows outside requests to the inside interface using http. I also need to create an access rule for this. Can someone please explain and show me the command I need to use in asa 5500 firewall version 9.x?
Thanks!
Solved! Go to Solution.
01-09-2014 07:13 AM
Hi,
Do you mean that you want to create Static NAT rule where the local IP address is the actual IP address of the ASA "inside" interface?
If so then that is not possible. You wont be able to connect to the "inside" interface through another interface even when using NAT configuration.
You would have to use VPN connection to be able to connect to the "inside" interface IP address.
Otherwise you will need to connect to the ASA with using the "outside" interface IP address.
If you meant that you want to configure Static NAT for some internal host then the configuration format would be
object network STATIC
host
nat (inside,outside) static
Hope this helps
- Jouni
01-09-2014 07:13 AM
Hi,
Do you mean that you want to create Static NAT rule where the local IP address is the actual IP address of the ASA "inside" interface?
If so then that is not possible. You wont be able to connect to the "inside" interface through another interface even when using NAT configuration.
You would have to use VPN connection to be able to connect to the "inside" interface IP address.
Otherwise you will need to connect to the ASA with using the "outside" interface IP address.
If you meant that you want to configure Static NAT for some internal host then the configuration format would be
object network STATIC
host
nat (inside,outside) static
Hope this helps
- Jouni
01-09-2014 07:31 AM
Thanks, that did it.
object network STATIC
host
nat (inside,outside) static
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide