Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

asa 8.3 multiple static PAT's to the same server/Network_object?

Hi all,

Something I have found a bit confusing and am not sure I am doing correctly with the new "network object" setup is this:

Say I have several servers behind 1 public IP address and several publically accessable services running on the different servers (eg http, https, ftp, smtp, pop3). Under the pre (8.3) verisons I could just make as many "Static PATs" as I liked through to whatever server. All good.

Now if I have one server that runs two public services I have to create two "network objects" for that server. e.g:

object network EmailServer-smtp

     nat (Inside,Outside) static X.X.X.X service tcp 25 25

object network EmailServer-pop3

     nat (Inside,Outside) static X.X.X.X service tcp 110 110

It would be nice if I could do this for example:

object network EmailServer

     nat (Inside,Outside) static X.X.X.X service tcp 25 25

     nat (Inside,Outside) static X.X.X.X service tcp 110 110

Is there a better way do achieve what I want?

Cheers, Simon.

Everyone's tags (3)
1 REPLY
Cisco Employee

Re: asa 8.3 multiple static PAT's to the same server/Network_obj

Hi Simon,

Unfortunately, this is not currently possible and you'll need separate objects for each nat statement.

There is an enhancement request filed to address this:

CSCte96293 - ENH: Objects should support multiple nat/service commands

If/when this enhancement is resolved, you'll be able to achieve what you're looking for.

Hope that helps.

-Mike

735
Views
0
Helpful
1
Replies
CreatePlease to create content