Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 allow a range of public IPs to access a web server

Hi,

I need to allow a range of public ips to access our server on port 8881. I am stuck on how to add a pool to it.

Public IP xxx.xxx.xxx.190

Private IP server: 10.1.10.10

Range of publics IPs to allow: xxx.70.8.125 - xxx.70.8.146

So far I've done this:

Static NAT

Static (inside,outside) tcp xxx.xxx.xxx.190 8881 10.1.10.10 8881 netmask 255.255.255.255

1 REPLY
Hall of Fame Super Blue

Re: ASA 5505 allow a range of public IPs to access a web server

eferraros@ewpartners.com

Hi,

I need to allow a range of public ips to access our server on port 8881. I am stuck on how to add a pool to it.

Public IP xxx.xxx.xxx.190

Private IP server: 10.1.10.10

Range of publics IPs to allow: xxx.70.8.125 - xxx.70.8.146

So far I've done this:

Static NAT

Static (inside,outside) tcp xxx.xxx.xxx.190 8881 10.1.10.10 8881 netmask 255.255.255.255

Well you could use an object-group ie.

object-group network publicips

network-object host xxx.70.8.125

network-object host xxx.70.8.126

.... etc

network-object host xxx.70.8.146

then use the object group in your acl ie.

access-list outside_in permit tcp object-group publicips host xxx.xxx.xxx.190 eq 8881

Jon

369
Views
0
Helpful
1
Replies