Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

how i can configure the below ASA 5505 Web Servers -

hello

we have a cisco asa 5505 and it working great .

i want to create web server that only selected public ip address can access .. so here is  my seneriuo

Head Office

public ip address 155.155.155.1

IT Servers .192.168.10.1

Branch office 1

Public ip address

155.155.155.20.


Branch office 2

Public ip address

155.155.155.30

so i want only this two public ip address can access our It server 192.168.10.1 by serving web . not remote client connection

please any idea about this and how i can do that

thank you very much any time


2 REPLIES
Hall of Fame Super Silver

Re: how i can configure the below ASA 5505 Web Servers -

Thomas,

1. Create a NAT rule for the web server.

2. Create an access list bound to your outside interface allowing the two branch offices' public IP addresses to access the server's public IP (the NAT address) via tcp port 80.

Both are most easily done by a novice ASA user under the ASDM GUI (Configuration, Firewall NAT Rules and Access Rules). For a command line guide procedure (8.2 or earlier) see this example.

how i can configure the below ASA 5505 Web Servers -

Hello,

I guess you use the same public IP on the ASA 5505 outside interface to access Internal server via web. In that scenario you need to do port forwarding. Please see below...

static (inside,outside) tcp interface 80 192.168.10.1 80 netmask 255.255.255.255

access-list outside_access_in extended permit tcp host 155.155.155.20 interface outside eq www

access-list outside_access_in extended permit tcp host 155.155.155.30 interface outside eq www

access-group outside_access_in in interface outside

Try and let post how it goes.

hth

MS

2232
Views
0
Helpful
2
Replies
CreatePlease to create content