02-02-2012 03:54 AM - edited 03-11-2019 03:23 PM
Hi Guys,
I have a 5505 IOS V7.2(4).
I am trying to add 2 static PATs using 2 external IPs to a single internal IP.
This is what we have in place already and is working fine:
static (inside,outside) tcp 77.xx.xx.206 www 10.xx.xx.2 www netmask 255.255.255.255
static (inside,outside) tcp 77.xx.xx.206 https 10.xx.xx.2 https netmask 255.255.255.255
I am wanting to add another external IP to this and PAT it to the same internal destination, so the outcome should be:
static (inside,outside) tcp 77.xx.xx.206 www 10.xx.xx.2 www netmask 255.255.255.255
static (inside,outside) tcp 77.xx.xx.206 https 10.xx.xx.2 https netmask 255.255.255.255
static (inside,outside) tcp 77.xx.xx.205 www 10.xx.xx.2 www netmask 255.255.255.255
static (inside,outside) tcp 77.xx.xx.205 https 10.xx.xx.2 https netmask 255.255.255.255
10.xx.xx.2 is a VIP running on a par of NetScalers.
I know it possible on the 8.3 IOS to have a One -to- Many Static NAT.
Does anyone Know if it’s possible or how to correctly configure this? As when I try applying the config it errors (ERROR: duplicate of existing static).
Regards
Dale
Solved! Go to Solution.
02-02-2012 11:13 AM
Hello Dale,
Lets trick the ASA:
Acess-list test1 permit tcp host 10.xx.xx.2 eq 80 any
static (inside,outside) 77.xx.xx.205 access-list test1
static (inside,outside) tcp 77.xx.xx.206 https 10.xx.xx.2 http
Regards,
Julio
02-02-2012 11:13 AM
Hello Dale,
Lets trick the ASA:
Acess-list test1 permit tcp host 10.xx.xx.2 eq 80 any
static (inside,outside) 77.xx.xx.205 access-list test1
static (inside,outside) tcp 77.xx.xx.206 https 10.xx.xx.2 http
Regards,
Julio
05-14-2012 08:21 AM
Hi Julio,
Sorry for the not responding sooner, your fix worked a charm.
Dale
05-14-2012 10:08 AM
Hello Dale,
My pleasure, Glad I could help.
Regards,
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide