Where do I point it to grab the IP address of the server?  The inside address for the server will be 192.168.4.199

I forgot to that I left out ther version: 8.4.1

I recieved this error:

Result of the command: "static (inside,outside) 68.108.xxx.xxx 192.168.1.1"

ERROR: This syntax of nat command has been deprecated..

Is the server behind teh ASA inside interface or on the internet (with reference to the ASA) ? Are you accessing this site from the inside interface of the ASA??

Thanks,

Varun

Yes the server is behind the ASA via an additional router.  I want to be able to access the server via the inside and the outside. 

Cable Modem-----> ASA----> Cisco-Linksys Router-----> Server

I want to be able to access my home server hosting my webiste from my inside network as well as from any outside address.  I currently have my domain forwarding to my WAN IP address.

OK got it!!!!

Didn't know you were using 8.4, you would need this syntax

object network public_ip

host 1.1.1.1

object network private_ip

  host 192.168.4.199

nat (outside,inside) source static any any destination static public_ip private_ip

For accessing from inside:

nat (inside,inside) source static any interface destination static public_ip private_ip

same-security-traffic permit intra-interface

You woudl also need the access-list:

access-list out_in permit tcp any host 192.168.4.199

access-group out_in in interface outside

Hope that helps.

Thanks,

Varun

I get this error when apply it the config

nat (outside,inside) source static any any destination static public_ip private_ip

ERROR: Address 68.108.xxx.xxx overlaps with outside interface address.

ERROR: NAT Policy is not downloaded

Any idea on how to resolve this?

Ohhhhh is the public ip you are using the outside interface IP????

Varun

Yes, is that a problem?  Can we fix that?

We would need to do port forwarding for it, but you would need to tell me on whihc port the server needs to be connected on 80,443 or anything else??

Varun

80, 443, 21  the standard for internet and FTP access

You woudl then need to use the following nats:

object network private_ip

  host 192.168.4.199

object service tcp_443

  service tcp source eq 443

object service tcp_80

service tcp source eq 80

object service tcp_21

service tcp source eq 21

nat (inside,any) source  static private_ip interface service tcp_443 tcp_443

nat (inside,any) source  static private_ip interface service tcp_80 tcp_80

nat (inside,any) source  static private_ip interface service tcp_21 tcp_21

same-security-traffic permit intra-interface

access-list out_in permit tcp any host 192.168.4.199

access-group out_in in interface outside

Hope that works for you

Thanks,

Varun

I get and error on the nat lines

ERROR: "interface" keyword is not allowed when translated interface is any

Any ideas?

Let me try this first on my ASA

Varun