07-24-2007 11:49 AM - edited 03-11-2019 03:48 AM
Can it be done? I tried to split the IP into ports using static (dmz,outside)tcp external www internal www
ACL works as I tried it with a 1:1 translation, but doesnt with I try it this way. Is there an alternative? The company is short a public IP and needs to have it working this way.
07-24-2007 02:26 PM
You can configure port redirection to forward traffic based on global IP & port to the appropriate interval server. Here's a small example.
static (dmz,outside) tcp 209.165.201.5 smtp 10.1.1.6 smtp netmask 255.255.255.255
static (dmz,outside) tcp 209.165.201.5 www 10.1.1.3 www netmask 255.255.255.255
HTH
Sundar
07-25-2007 05:06 AM
HI, When I posted this, the static translations weren't working. After I posted I blew them away and re-entered them one at a time and tested them and they started working. I had them done correctly, but for some odd reason they just refused to work, but work now that I redid them.
07-24-2007 02:29 PM
Hi,
static (dmz,outside)tcp external www internal www
This should work fine, make sure you also include ports in ACL like following example:
access-list 101 permit tcp any host external eq www
access-group 101 in interface outside
Also ports for 2 ip addresses should be different.
Hope this helps.
Regards
Rohit
07-24-2007 09:24 PM
Try below command it works
1. Connects outside X.X.X.X on service 8080 to Internal Y.Y.Y.Y on service WWW.
-->(config)# static (inside,outside) tcp X.X.X.X 8080 Y.Y.Y.Y www netmask
255.255.255.255
2. Redirect Telnet requests for X.X.X.X to Y.Y.Y.Y by entering the following command:
--> config)# static (inside,outside) tcp X.X.X.X telnet Y.Y.Y.Y telnet netmask
255.255.255.255
Hope this will help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide