05-13-2009 07:26 AM - edited 03-11-2019 08:31 AM
We are trying to use a single public IP and have web traffic routed to our webserver and have the other traffic handled normally. We have NAT configured and can access the Internet through the firewall.
However, when we added the static PAT mapping and the access-list to allow external computers to access the web server on our network, which is mapped to the same IP as the outside interface through the static command, the traffic is not going through and there is no hit on the access list.
We tried to use static NAT to translate the server to a different public IP and everything worked fine.
Our question is that since we will have only one public IP at the site, how do we make it work? The following command is the static command we used:
static (inside,outside) tcp 65.xxx.xxx.69 www 10.0.0.5 www netmask 255.255.255.255
We also have access-list to allow all www traffic to the 65.xxx.xxx.69 address.
The xlate table shows a line like below:
PAT Global 65.xxx.xxx.69 (80) 10.0.0.5 (80)
Looks the static map is working.
Please let us know what we are missing here.
05-13-2009 07:57 AM
Sounds liks everything is OK. Sometimes you do have to clear xlate for it to work.
clear xlate is the command in case you don't know it.
Hope that helps.
05-13-2009 12:44 PM
If the clear xlate does not resolve this use interface instead of the outside IP address. I have ran into this issue before and it has resolved it.
Example:
static (inisde,outside) tcp interface 80 10.0.0.5 80 netmask 255.255.255.255
Good Luck!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide