Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Single external IP to mail and ftp on different internal server (easy way)?

Moving from a SonicWall Firewall to an ASA 5505 (8.2) only have a single WAN IP have exchange server and SFTP server and need to map through with static and access list.

Static to the exchange is easy as it 2 lines in both access-list and static commands.

static (INSIDE,OUTSIDE) tcp <external ip> 80 192.168.100.1 80 netmask 255.255.255.255

static (INSIDE,OUTSIDE) tcp <external IP> 443 192.168.100.1 443 netmask 255.255.255.255

The sftp is different as it doesn't use the std ports, 990 for the intial connection then 60000 61000 for data

single command for the initial connection

static (INSIDE,OUTSIDE) tcp <external ip> 990 192.168.100.2 990 netmask 255.255.255.255

but how can i enter the static for the data without having to do 1000 individual lines

1 REPLY
Silver

Single external IP to mail and ftp on different internal server

This link may help:

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/i2_72.html#wp1667737

The turning on/off of the data connection should be left to inspect.

HTH.

289
Views
0
Helpful
1
Replies