Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 configuration help

Hello,  I need to update the configuration of an ASA 5505 running version 7.2(4)

Currently we have three external IP addresses pointing to three internal  servers as static routes (actual IP's have been changed):

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

static (inside,outside) 1.2.3.33 192.168.1.11 netmask 255.255.255.255

static (inside,outside) 1.2.3.34 192.168.1.12 netmask 255.255.255.255

static (inside,outside) 1.2.3.35 192.168.1.13 netmask 255.255.255.255

I need to be able to use each of those external IP addresses with port  3390 to connect to a different IP than what is in the static route, ie:

Outside 1.2.3.33:3390 connects to Inside 192.168.1.101:3389

Outside 1.2.3.34:3390 connects to Inside 192.168.1.102:3389

Outside 1.2.3.35:3390 connects to Inside 192.168.1.103:3389

I can easily add the access-list, but I have a feeling the static routes are causing my issues.

access-list acl_out extended permit tcp any host 1.2.3.33 eq 3390

access-list acl_out extended permit tcp any host 1.2.3.34 eq 3390

access-list acl_out extended permit tcp any host 1.2.3.35 eq 3390

Please advise!

Thanks in advance,

Todd

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions

ASA 5505 configuration help

static (inside,outside) tcp 1.2.3.33 3390 192.168.1.101 3389 netmask 255.255.255.255                       .

static (inside,outside) tcp 1.2.3.34 3390 192.168.1.102 3389 netmask 255.255.255.255                                 

static (inside,outside) tcp 1.2.3.35 3390 192.168.1.103 3389 netmask 255.255.255.255

This should do it.

Thanks

Ajay                          

3 REPLIES

ASA 5505 configuration help

static (inside,outside) tcp 1.2.3.33 3390 192.168.1.101 3389 netmask 255.255.255.255                       .

static (inside,outside) tcp 1.2.3.34 3390 192.168.1.102 3389 netmask 255.255.255.255                                 

static (inside,outside) tcp 1.2.3.35 3390 192.168.1.103 3389 netmask 255.255.255.255

This should do it.

Thanks

Ajay                          

New Member

ASA 5505 configuration help

Thanks Ajay,

I had to remove the origonal static NAT's and add in what we needed for specific port redirections, but it worked.

Now that I've thought about it longer, it's starting to make sense!

Thanks for the help!

Todd

ASA 5505 configuration help

Good to hear that

736
Views
0
Helpful
3
Replies
CreatePlease to create content