Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Open port 80 using outside IP

We are using Cisco ASA 5510 as a gateway. We are out of the public IP addresses for hosting web sites. Can we use the outside IP (public/WAN IP) for HTTP? If yes, what?s the command line?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Open port 80 using outside IP

Hi,

In PIX 7.x (similar to previous PIX 6.x), there is a feature called port redirection.

You need to statically mapped your internal/dmz server to your ASA outside interface IP and create ACL permitting incoming HTTP access.

Example:

access-list outside permit tcp any host 172.18.124.216 eq www

ip address outside 172.18.124.216 255.255.255.0

static (inside,outside) tcp interface www 10.1.1.5 www netmask 255.255.255.255 --> the 'interface' refers to Outside interface IP, the 10.1.1.5 is your internal server

access-group outside in interface outside

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708b4.shtml

Rgds,

AK

2 REPLIES
Silver

Re: Open port 80 using outside IP

Yes that is possible. What you need is static pat. The following URL has additional information on this:

http://www.cisco.com/warp/public/707/28.html#topic9

Re: Open port 80 using outside IP

Hi,

In PIX 7.x (similar to previous PIX 6.x), there is a feature called port redirection.

You need to statically mapped your internal/dmz server to your ASA outside interface IP and create ACL permitting incoming HTTP access.

Example:

access-list outside permit tcp any host 172.18.124.216 eq www

ip address outside 172.18.124.216 255.255.255.0

static (inside,outside) tcp interface www 10.1.1.5 www netmask 255.255.255.255 --> the 'interface' refers to Outside interface IP, the 10.1.1.5 is your internal server

access-group outside in interface outside

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708b4.shtml

Rgds,

AK

104
Views
0
Helpful
2
Replies
CreatePlease login to create content