Cisco ASA Public Servers

Pavel Pokorny · ‎06-16-2011

Hi folks,

I have question about purpose of this one feature:

http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/public_servers.html

What is the difference between, this page and following:

I make static NAT, and then on outside interface inbound ACL I allow requested ports.

If this one, is some kind of summary, I wonder why there is only something.

In my case I have about 20 static NATs with allowed ports and this page show slightly half of them (yes all, of them have at least one port exposed to the world).

So, please give me some reasonable explanation.

Thank you very much

Pavel

Jennifer Halim · ‎06-16-2011

The purpose of the "Public Servers" feature is:

- A single point of configuration to configure: static NAT, access-list, and applying it to the correct interface.

You do not have to separately configure static NAT, then the firewall rules for any inbound traffic like previously.

It's introduced to provide the firewall admin a convenient way of configuring inbound access which before needs to be configured separately.

Hope that helps.

Pavel Pokorny · ‎06-17-2011

Hu,

All right, I was guessing about this purpose.

But there is second part of my question:

- why is there only part of configuration?

Remember, I have never configured anything through this menu, so it must be some kind of import. But import which is useless :-((.

Regards

Jennifer Halim · ‎06-17-2011

Yeah, I agree with you (the import is kind of useless if you have configured it the other way round).

It is more useful for admin who is not used to the old method and configuring the access via the "Public Servers" way.

Pavel Pokorny · ‎06-17-2011

What makes mi confused, is that there is something.

I have never configured anything that way.

So, where it goes from?

And why there are all pieces of config?

:-(((

Pavel Pokorny · ‎06-17-2011

And why there are not all pieces of config?