Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

584
Views
0
Helpful
8
Replies
majed.balsharaf
Beginner
Beginner
‎10-08-2012 01:41 PM
‎10-08-2012 01:41 PM

Adding public IP in ASA

Hi

I am having normal network need to add public ip 162.196.212.32/29 with port 51241 in ASA firewall

Kind Regards

Labels:
0 Helpful
8 REPLIES 8
Julio Carvajal
Advisor
Advisor
‎10-08-2012 01:55 PM
‎10-08-2012 01:55 PM

Hello Majed,

Can you be more specific?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
majed.balsharaf
Beginner
Beginner
In response to Julio Carvajal
‎10-08-2012 02:20 PM
‎10-08-2012 02:20 PM

I'm having one server with public IP x.x.x.32/29 I need to add this in my firewall asa 5520. so that from outside my network no one can access it.

I want to know how can i do this,shall I add this server directly in my network or create static nat to it and pass through firewall.

As I am new in firewalls

Kind Regards

0 Helpful
Julio Carvajal
Advisor
Advisor
In response to majed.balsharaf
‎10-08-2012 02:28 PM
‎10-08-2012 02:28 PM

Hello,

So you do not want anyone on the outside world to access that server.

Just put it on your network and make sure you deny all traffic from any user to x.x.x.32.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
majed.balsharaf
Beginner
Beginner
In response to Julio Carvajal
‎10-08-2012 02:38 PM
‎10-08-2012 02:38 PM

I am adding my ASA configuration just need to add new public IP of  server in it with static nat

new public IP  x.x.x.32/29 port 51241

136423-ASA.txt.zip
0 Helpful
Julio Carvajal
Advisor
Advisor
In response to majed.balsharaf
‎10-08-2012 03:35 PM
‎10-08-2012 03:35 PM

Hello Majed,

static (inside,outside)  tcp x.x.x32  51241 x.x.x32 51241

access-list  Outside_access_in permit tcp specific_outside_hosts host x.x.x.32 eq 51241

Let me know if this is what you are looking for?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
majed.balsharaf
Beginner
Beginner
In response to Julio Carvajal
‎10-09-2012 10:59 AM
‎10-09-2012 10:59 AM

Hi Carvaja,

   Thanks for your help, I got the complete scenario now, I am having one public IP 162.x.x.33 255.255.255.248 which need to be convert in private IP with 172.x.x.25 and port 51241. I need to add this in ASA 5520

Thanks

0 Helpful
Julio Carvajal
Advisor
Advisor
In response to majed.balsharaf
‎10-09-2012 11:25 AM
‎10-09-2012 11:25 AM

static (inside,outside)  tcp x.x.x32  51241 172.x.x.25  51241

access-list  Outside_access_in permit tcp specific_outside_hosts host x.x.x.32 eq 51241

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
majed.balsharaf
Beginner
Beginner
In response to Julio Carvajal
‎10-11-2012 03:16 AM
‎10-11-2012 03:16 AM

Thanks,

but the correct syntax was:

access-list Outside_access_in extended permit tcp any host x.x.x.33 eq 51241

static (inside,Outside) x.x.x.33 172.x.x.25 netmask 255.255.255.255

0 Helpful
Latest Contents
Network Security All-in-one ASA FTD WSA Umbrella ISE VPN Lay...
Created by Meddane on 05-17-2022 06:18 AM
2
0
2
0
Multiple Cisco Security Technologies in a single book : ASA Firepower, WSA, Umbrella, ISE and VPN with 100 percent 100 practical scenarios with 70 Labs to cover important topics of the Cisco SCOR Exam. The best part is ISE with interesting scenarios wi... view more
Understanding IP Layer Enforcement on Cisco Umbrella
Created by Meddane on 05-17-2022 03:10 AM
0
5
0
5
Cisco Umbrella is a big DNS service that provides not only the DNS resolution but also if the hosted website is trust or malicious, the idea behind the Layer DNS Security is that the modern attacks uses the DNS in the first step either to redirect the use... view more
Cisco ISE Integration With F5 BIG-IP LTM Load Balancer for G...
Created by Meddane on 05-15-2022 02:24 AM
0
0
0
0
I shared with you this detailed document I created with 27 pages about Cisco ISE Integration With F5 BIG-IP Locar Traffic Manager LTM Load Balancer for Guest Acces.   The method used for Guest Access is the Self-Registration. Healt Monitor using HTTP... view more
Cisco ASA 9.714 version SNMP not working in EVE-NG LAB Envir...
Created by waqas.muhammad49 on 05-10-2022 06:56 AM
0
0
0
0
I created an IPSEC Site to site Tunnel between two ASA Firewalls in EVE-NG topology and i want to plot the IPSEC Site to Site VPN graph on PRTG ? The SNMP Walk command is not getting any output . As the firewall is making SNMP inbound connections with the... view more
ISE Integration with Eduroam External Server
Created by deepuvarghese1 on 05-09-2022 08:31 PM
3
20
3
20
The purpose of this document is to demonstrate how ISE can integrate with an eduroam external server which is a WI-Fi roaming service that provides international access to devices in education, research, and higher education. Students, teachers, and resea... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad