Showing results for 
Search instead for 
Did you mean: 



if i have As500 connected to modem at wan port and my network in lan port . i have 8 real static ip . i want to nat my lan network to real ip . there are server in my lan

1- i want server to take real static ip so i can access it  from wan (internet)   or

2- i want server to take private ip as my network and make port forwarding in as500


my question : what configuration i should do for the two solution above 

Colin Higgins

Sounds like you want to set up a static NAT for your internal server and allow access on particular ports to it from the outside.

For ASA IOS versions 8.3 and above, you would set up a network object like this:

object network obj-


 nat (inside,outside) static <public ip address>


where the public ip is one of the addresses is in your static block.


Then set up an access list on the outside interface that points to the internal address (this is called "real IP on version 8.3+")


access-list outside-in extended permit tcp any host eq 80

access-group outside-in in interface outside




for more details

Marius Gunnerud
VIP Advisor

Colin is correct that you need a static NAT but I think the configuration is wrong for your appliance.

I am assuming you mean the SA500 security appliance?

If so then I think the setting is done under Networking > Optional Port > Protocol Binding

However, I think it would be better to move this post to the Small Business forum, they will have a better idea of how this is done on your device.


Please remember to select a correct answer and rate helpful posts

Please remember to select a correct answer and rate helpful posts
Content for Community-Ad