ASA5505 on external DHCP with PAT for internal www and smtp servers
I've been working on my ASA5505 quite happly with the old version of 8.2... for my 642-618 exam, but then it came to having a look at the 'upgrade' and I'm now running 9.1(3).....
Since it's 'only' at home I took the time to rearrange the home network's internal IP subnet numbering at the same time so I 'wiped' the old config and tried from scratch....
The problem I have is the way my ISP runs, the external IP whilst a static address has to connect via DHCP for ... actually no idea why. But the connect requires the DHCP or I don't get a connection if I use a static address on the interface - so assume the dchp request triggers something on their routing...
So, my external interface connected to the adsl modem is:-
ASA5505 on external DHCP with PAT for internal www and smtp serv
Thanks for this, but I now have a question...
could this be made more 'human' readable by using the following then?
Object network mail_server
nat (inside,outside) static interface service tcp 25 25
access-list inbound permit tcp any host mail_server eq 25
In the case of a large deployment with multipule servers, it would make it more 'human' friendly, so is this a case of it will note work, bad practice or will it just increase the load on the firewall cpu/memory?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...