03-09-2014 11:27 PM - edited 03-11-2019 08:55 PM
i have one DMZ interface with 3 different Server having different listening ports in cisco asa 5510
Solved! Go to Solution.
03-11-2014 05:21 AM
Yes , you can do it on version 8.2 using Static inside PAT. When we want to allow inbound connectivity to a no. of local servers, using a single global IP address. Remember, of course, that an interface access-list on ASA would still need to be configured to allow such connections. It allows port redirection so that multiple local servers, using unique local ports, can share a single global IP address.
static(DMZ,outside) tcp 125.209.70.90 6080 10.1.1.245 6080 netmask 255.255.255.255
static(DMZ,outside) tcp 125.209.70.90 443 10.1.1.246 443 netmask 255.255.255.255
static(DMZ,outside) tcp 125.209.70.90 80 10.1.1.254 80 netmask 255.255.255.255
access-list OUT_DMZ permit tcp any host 125.209.70.90 eq 6080
access-list OUT_DMZ permit tcp any host 125.209.70.90 eq 443
access-list OUT_DMZ permit tcp any host 125.209.70.90 eq 80
HTH
"Please rate helpful posts"
03-10-2014 04:49 AM
what exactly you are trying to achieve
03-10-2014 09:30 PM
Dear
i have one cisco 5510 asa and having one inside and one outside interface and one dmz interface.
inside ip:192.168.11.249
outside ip: 125.209.70.90/29
dmz ip: 10.1.1.1/24
in dmz zone i have three servers having ip belo
server1 ip : 10.1.1.245 with listeing port 6080
server2 ip : 10.1.1.246 with listining port 443
server3 ip : 10.1.1.254 with listening port 80
and i want to traslate these ip into outside interface
and want to open these from outside over ther intenet like
125.209.70.90:6080/abc
125.209.70.90:443/xyz
125.209.70.90:80/asd
Thanks
03-10-2014 10:01 PM
What version?
Try to post as much information as possible on each answer u provide.
Regards
03-10-2014 10:17 PM
version 8.2
03-11-2014 05:21 AM
Yes , you can do it on version 8.2 using Static inside PAT. When we want to allow inbound connectivity to a no. of local servers, using a single global IP address. Remember, of course, that an interface access-list on ASA would still need to be configured to allow such connections. It allows port redirection so that multiple local servers, using unique local ports, can share a single global IP address.
static(DMZ,outside) tcp 125.209.70.90 6080 10.1.1.245 6080 netmask 255.255.255.255
static(DMZ,outside) tcp 125.209.70.90 443 10.1.1.246 443 netmask 255.255.255.255
static(DMZ,outside) tcp 125.209.70.90 80 10.1.1.254 80 netmask 255.255.255.255
access-list OUT_DMZ permit tcp any host 125.209.70.90 eq 6080
access-list OUT_DMZ permit tcp any host 125.209.70.90 eq 443
access-list OUT_DMZ permit tcp any host 125.209.70.90 eq 80
HTH
"Please rate helpful posts"
03-11-2014 11:30 PM
Thanks a lot ponam can u send also the bat configuration
and outside the internet 125.209.70.90:8888/dhamap its not working
03-11-2014 11:35 PM
i need to open these below
local server haiving ip 10.1.1.245 with 8888 port at 125.209.70.90:8888/abc
local server haiving ip 10.1.1.246 with 443 port at 125.209.70.90:443/xyz
local server haiving ip 10.1.1.254 with 80 port at 125.209.70.90:80/asd
Over the internet in 8.2 cisco asa 5510
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide