Have a client with an ASA 5510 running IOS 8.3.1. They have a block of 5 public IP addresses, which all currently have a static NAT assigned to them. They are looking at implementing a web interface for an application recently developed for their iSeries and are no in need of another IP address/static NAT entry. They checked with their ISP and the block immediately below them is taken and the next available block of 10 would require everything to be readdressed.
My question, is there a way to consolidate their public IP addresses and allow them to do what they are looking for with their current range? I've not worked much with the 5510's and never with PAT before, but wondering if that is an option. Any help is appreciated.
You can use port address translation for your new web application by using the outside interface ip of your ASA, this way you would just be using that specific port on the public ip on which your application would be running, as an example:
You need to mention the ip but just the "interface" keyword.
nat (outside,inside) source static any any destination static interface obj-10.1.1.1 service tcp_443 tcp_443
This means its the outside interface ip. and in access-list you need to just mention your server private ip, since post 8.3, you need to mention private ip's in your access-list applied on the outside interface.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...