Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Plase advice me for NAT on Cisco ASA5520

Please advice me for NAT on Cisco ASA5520.

i want to nat on asa for any user form internet can access SIP server via

203.145.22.121:6060 to 192.168.0.10:5060 and 192.168.0.11:5061

and from internet can access WEB server via 203.145.22.121:8888 to 192.168.1.10:8880

have any way i create loadbalance on asa5520 to user sip server

thank you so much.

4 REPLIES
New Member

Re: Plase advice me for NAT on Cisco ASA5520

for nat something like this:

sip:

static (inside,outside) tcp 203.145.22.121 6060 192.168.0.10 5060 netmask 255.255.255.255

don't really know but don't think loadbalancing is possible.

web:

static (inside,outside) tcp 203.145.22.121 8888 192.168.1.10 8880 netmask 255.255.255.255

the alcs:

access-list outside_access_in extended permit tcp any 203.145.22.121 255.255.255.255 eq 6060

access-list outside_access_in extended permit tcp any 203.145.22.121 255.255.255.255 eq 8888

the interface:

access-group outside_access_in in interface outside

hope thats correct and helps

regards,

juergen

Re: Plase advice me for NAT on Cisco ASA5520

Hi, double check your web static nat as 192.168.1.10 is in dmz interface not inside.

rgds

Jorge

New Member

Re: Plase advice me for NAT on Cisco ASA5520

right, should be (dmz,outside)

New Member

Re: Plase advice me for NAT on Cisco ASA5520

For your load balancing issue, can you do a cluster for the two servers so that there is one Virtual IP and one port to listen on/

Satya

177
Views
0
Helpful
4
Replies
CreatePlease to create content