cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4715
Views
0
Helpful
5
Replies

Natting same public ip with two internal ips with different ports

Hi Folks,

Can I use Same public ip for two different internal ips with different ports and can i user same public ip for two different internal ips with same ports

static (inside,outside) tcp 115.248.153.252 6303 192.168.22.19 6303 netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 http 192.168.22.19 http netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 http 192.168.22.20 http netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 https 192.168.22.20 https netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 6303 192.168.22.21 6303 netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 http 192.168.22.22 http netmask 255.255.255.255

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."       

1 Accepted Solution

Accepted Solutions

Jennifer Halim
Cisco Employee
Cisco Employee

No, you can't use the same public ip to NAT to two different internal IP Address using the same port.

static (inside,outside) tcp 115.248.153.252 6303 192.168.22.19 6303 netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 6303 192.168.22.21 6303 netmask 255.255.255.255

For the above 2 static PAT for example, when traffic is coming inbound towards 115.248.153.252 on port 6303, the ASA would not know whether to NAT it back to 192.168.22.19 or 192.168.22.21 because both is using the same port.

View solution in original post

5 Replies 5

Jennifer Halim
Cisco Employee
Cisco Employee

No, you can't use the same public ip to NAT to two different internal IP Address using the same port.

static (inside,outside) tcp 115.248.153.252 6303 192.168.22.19 6303 netmask 255.255.255.255

static (inside,outside) tcp 115.248.153.252 6303 192.168.22.21 6303 netmask 255.255.255.255

For the above 2 static PAT for example, when traffic is coming inbound towards 115.248.153.252 on port 6303, the ASA would not know whether to NAT it back to 192.168.22.19 or 192.168.22.21 because both is using the same port.

Dear Jennifer Halim,

Thanks for your reply now I understand the reason why it is like that.

So you mean to say we can NAT the Same public IP to different ips with different ports.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Absolutely correct.

You can also NAT the same public IP to the same private IP with different ports.

So you can:

- NAT the Same public IP to different ips with different ports

- NAT the same public IP to the same private IP with different ports

Thanks Jennifer Halim,

I also have gone through your earlier postings,

Remote VPN Access Problem


static nat or static policy nat, this is answered by jounniForss and yourself, both in different way but in useful manner.

Backup Site-2-Site VPN Tunnel from remote office to Head Office on two ASA 5510 with different Public IP

Attribute Mapping not taking affect

Port Forwarding Help!!

thanks once again, thanks to cisco for support forum.

Thanks to everyone who is questioning and Thanks to everyone who is answering.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Thanks Thanveer.. Much appreciated.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: