Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

using a single public IP and routing to two different internal locations

We are trying to use a single public IP and have web traffic routed to our webserver and have the other traffic handled normally. We have NAT configured and can access the Internet through the firewall.

However, when we added the static PAT mapping and the access-list to allow external computers to access the web server on our network, which is mapped to the same IP as the outside interface through the static command, the traffic is not going through and there is no hit on the access list.

We tried to use static NAT to translate the server to a different public IP and everything worked fine.

Our question is that since we will have only one public IP at the site, how do we make it work? The following command is the static command we used:

static (inside,outside) tcp www www netmask

We also have access-list to allow all www traffic to the address.

The xlate table shows a line like below:

PAT Global (80) (80)

Looks the static map is working.

Please let us know what we are missing here.


Re: using a single public IP and routing to two different intern

Sounds liks everything is OK. Sometimes you do have to clear xlate for it to work.

clear xlate is the command in case you don't know it.

Hope that helps.

Community Member

Re: using a single public IP and routing to two different intern

If the clear xlate does not resolve this use interface instead of the outside IP address. I have ran into this issue before and it has resolved it.


static (inisde,outside) tcp interface 80 80 netmask

Good Luck!

CreatePlease to create content