Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1166
Views
0
Helpful
1
Replies

Port forwarding or static NAT on ASA?

Go to solution
ksarin123_2
Level 1
Level 1

‎01-26-2011 12:08 PM - edited ‎03-11-2019 12:40 PM

Hello folks -

I have a ASA 5510 that is connected to a ISP router over a /30 network. We don't have any more public IP's available from the ISP.

We have two servers inside our DMZ that need to be accessed from the Internet (http,https,ftp). Since we can't configure a static 1-to-1 NAT for the two publicly accessible servers (due to lack of public IP's availability), I am considering configuring port forwarding on the ASA.

My questions are:

1.) Are there any issues with configuring port forwarding on the ASA

2.) If we did have the public IP's available, is one option better than another (as in, which is better, port forwarding or static NAT)?

Thanks,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mirober2
Cisco Employee
Cisco Employee

‎01-26-2011 12:40 PM

Hello,

There are no performance or security differences between static NAT or static PAT. It is more of a design question of how you want to setup your network/IP addressing scheme. From a functionality standpoint, you can use either (assuming you get more public IPs in the future).

Hope that helps.

-Mike

View solution in original post

0 Helpful
1 Reply 1

Go to solution
mirober2
Cisco Employee
Cisco Employee

‎01-26-2011 12:40 PM

Hello,

There are no performance or security differences between static NAT or static PAT. It is more of a design question of how you want to setup your network/IP addressing scheme. From a functionality standpoint, you can use either (assuming you get more public IPs in the future).

Hope that helps.

-Mike

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card