Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1015
Views
0
Helpful
4
Replies

ASA 5505 , Need to create public server for DVR cams (only 1 public IP)

Go to solution
Reprovoid
Level 1
Level 1

‎04-20-2012 01:41 AM - edited ‎03-11-2019 03:56 PM

Hi.I'm trying via the ASDM to port forward http connections to a DVR for the purpose of viewing IP cams.I've tried via ASDM to create a public server but I'm not allowed to use my public IP address for the public Interface.I have only one public IP address available.Is there any way round this ?

  I would also like to know how I can enable NAT with PAT.I've tried setting the outside Interface for use with PAT but It keeps reverting to the setting for a range of external addresses.

I'm not really used to the ASA cli yet , I'm getting there.If there's a workaround via the CLI , I'll take that route.

Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Daniele Giordano
Level 8
Level 8

‎04-20-2012 02:43 AM

Static NAT and port forwarding oh http 80 port via CLI:

interface GigabitEthernet0

nameif inside

ip address x.x.x.x

!

interface GigabitEthernet1

nameif outside

ip address x.x.x.x

static (inside,outside) tcp ASA_OUTSIDE_IP 80 DVR_IP 80 netmask 255.255.255.255

You must adjust your ACL also.

Enable PAT via CLI:

global (outside) 1 ASA_IP

nat (inside) 1 FIRST_LAN_IP_HOST 255.255.255.255

nat (inside) 1 SECOND_LAN_IP_HOST 255.255.255.255

etc.

Regards.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Daniele Giordano
Level 8
Level 8

‎04-20-2012 02:43 AM

Static NAT and port forwarding oh http 80 port via CLI:

interface GigabitEthernet0

nameif inside

ip address x.x.x.x

!

interface GigabitEthernet1

nameif outside

ip address x.x.x.x

static (inside,outside) tcp ASA_OUTSIDE_IP 80 DVR_IP 80 netmask 255.255.255.255

You must adjust your ACL also.

Enable PAT via CLI:

global (outside) 1 ASA_IP

nat (inside) 1 FIRST_LAN_IP_HOST 255.255.255.255

nat (inside) 1 SECOND_LAN_IP_HOST 255.255.255.255

etc.

Regards.

0 Helpful

Go to solution
Reprovoid
Level 1
Level 1
In response to Daniele Giordano

‎04-20-2012 03:20 AM

Hi.Thank you!

  So on an ASA I have to configure PAT one internal address at a time ? Why have they set things up that way ?

0 Helpful

Go to solution
Daniele Giordano
Level 8
Level 8
In response to Reprovoid

‎04-20-2012 06:31 AM

You can configure a network how explain in this example:

nat (inside) 1 192.168.1.0 255.255.255.0

Regards.

0 Helpful

Go to solution
Reprovoid
Level 1
Level 1
In response to Daniele Giordano

‎04-20-2012 10:19 AM

Thanks for your help!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card