12-29-2011 08:30 AM - edited 03-11-2019 03:08 PM
Hello, I need to update the configuration of an ASA 5505 running version 7.2(4)
Currently we have three external IP addresses pointing to three internal servers as static routes (actual IP's have been changed):
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) 1.2.3.33 192.168.1.11 netmask 255.255.255.255
static (inside,outside) 1.2.3.34 192.168.1.12 netmask 255.255.255.255
static (inside,outside) 1.2.3.35 192.168.1.13 netmask 255.255.255.255
I need to be able to use each of those external IP addresses with port 3390 to connect to a different IP than what is in the static route, ie:
Outside 1.2.3.33:3390 connects to Inside 192.168.1.101:3389
Outside 1.2.3.34:3390 connects to Inside 192.168.1.102:3389
Outside 1.2.3.35:3390 connects to Inside 192.168.1.103:3389
I can easily add the access-list, but I have a feeling the static routes are causing my issues.
access-list acl_out extended permit tcp any host 1.2.3.33 eq 3390
access-list acl_out extended permit tcp any host 1.2.3.34 eq 3390
access-list acl_out extended permit tcp any host 1.2.3.35 eq 3390
Please advise!
Thanks in advance,
Todd
Solved! Go to Solution.
12-29-2011 09:27 AM
static (inside,outside) tcp 1.2.3.33 3390 192.168.1.101 3389 netmask 255.255.255.255 .
static (inside,outside) tcp 1.2.3.34 3390 192.168.1.102 3389 netmask 255.255.255.255
static (inside,outside) tcp 1.2.3.35 3390 192.168.1.103 3389 netmask 255.255.255.255
This should do it.
Thanks
Ajay
12-29-2011 09:27 AM
static (inside,outside) tcp 1.2.3.33 3390 192.168.1.101 3389 netmask 255.255.255.255 .
static (inside,outside) tcp 1.2.3.34 3390 192.168.1.102 3389 netmask 255.255.255.255
static (inside,outside) tcp 1.2.3.35 3390 192.168.1.103 3389 netmask 255.255.255.255
This should do it.
Thanks
Ajay
12-29-2011 10:07 AM
Thanks Ajay,
I had to remove the origonal static NAT's and add in what we needed for specific port redirections, but it worked.
Now that I've thought about it longer, it's starting to make sense!
Thanks for the help!
Todd
12-29-2011 10:10 AM
Good to hear that
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide