cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

527
Views
0
Helpful
8
Replies
majed.balsharaf
Beginner

Adding public IP in ASA

Hi

I am having normal network need to add public ip 162.196.212.32/29 with port 51241 in ASA firewall

Kind Regards

8 REPLIES 8
Julio Carvajal
Advisor

Hello Majed,

Can you be more specific?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

I'm having one server with public IP x.x.x.32/29 I need to add this in my firewall asa 5520. so that from outside my network no one can access it.

I want to know how can i do this,shall I add this server directly in my network or create static nat to it and pass through firewall.

As I am new in firewalls

Kind Regards

Hello,

So you do not want anyone on the outside world to access that server.

Just put it on your network and make sure you deny all traffic from any user to x.x.x.32.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

I am adding my ASA configuration just need to add new public IP of  server in it with static nat

new public IP  x.x.x.32/29 port 51241

Hello Majed,

static (inside,outside)  tcp x.x.x32  51241 x.x.x32 51241

access-list  Outside_access_in permit tcp specific_outside_hosts host x.x.x.32 eq 51241

Let me know if this is what you are looking for?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi Carvaja,

   Thanks for your help, I got the complete scenario now, I am having one public IP 162.x.x.33 255.255.255.248 which need to be convert in private IP with 172.x.x.25 and port 51241. I need to add this in ASA 5520

Thanks

static (inside,outside)  tcp x.x.x32  51241 172.x.x.25  51241

access-list  Outside_access_in permit tcp specific_outside_hosts host x.x.x.32 eq 51241

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Thanks,

but the correct syntax was:

access-list Outside_access_in extended permit tcp any host x.x.x.33 eq 51241

static (inside,Outside) x.x.x.33 172.x.x.25 netmask 255.255.255.255

Content for Community-Ad