Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2192
Views
0
Helpful
9
Replies

does asa5505 support multiple public IPs?

yayasolenet
Level 1
Level 1

‎02-21-2011 08:52 PM - edited ‎03-11-2019 12:54 PM

Can I assign multiple IPs for port forwarding on outside interface?

Labels:
0 Helpful
9 Replies 9

Roman Rodichev
Level 7
Level 7

‎02-21-2011 08:55 PM

sure, you can create more than one static statement using different public IP/port combinations. (if you use ASA 8.3 code, the commands have changed. No more static command)

0 Helpful

csaxena
Cisco Employee
Cisco Employee

‎02-21-2011 08:56 PM

Yes, we can.

For example Pre-8.3 config,

static(inside,outisde) tcp x.x.x25 25 10.10.10.1 25

static(inside,outisde) tcp x.x.x.80 80 10.10.10.1 80

Here is 10.10.10.1 is the private address of the server which can be our mail server and web server as well. We can access the same using x.x.x.25 for our mails from outisde and x.x.x.80 to access website.

Hope this helps. Please reply if you need further assistance.

Regards,

Chirag

P.S.: Please mark this thread as answered if you feel your query is answered. Do.rate helpful posts.

0 Helpful

yayasolenet
Level 1
Level 1
In response to csaxena

‎02-21-2011 09:06 PM

Do you need to assign both x.x.x.25 and x.x.x.80 to the outside interface?

0 Helpful

csaxena
Cisco Employee
Cisco Employee
In response to yayasolenet

‎02-21-2011 09:12 PM

No, with this confiruation you are not relating to the outside interface IP. Outside interface will be a different IP.

Hope this helps. Please reply if you need further assistance

Regards,

Chirag

P.S.: Please mark this thread as answered if you feel your query is answered. Do.rate helpful posts.

0 Helpful

yayasolenet
Level 1
Level 1
In response to csaxena

‎02-21-2011 09:24 PM

You mean when I apply for more IPs. These IPs are routed to

my router. Router and the asa outside interface

has /30 ip for routing. The additional IPs do not

need to be assigned for a public pool like firebox then to be used?

0 Helpful

Akhil B
Cisco Employee
Cisco Employee
In response to yayasolenet

‎02-21-2011 09:48 PM

Hi ,

Since you have /30 mask between ASA and router, you will have 2 ip address from the ISP, 1 for the outside interface of ASA and 1 for the router's interface. There is no requirement that they must be assigned to any public pool as such.

Hopefully i was able to answer your question.

Regards,
Akhil

0 Helpful

csaxena
Cisco Employee
Cisco Employee
In response to yayasolenet

‎02-21-2011 10:34 PM

If i got you right, in that case you can use the interface IP to use the port forwarding for various servers. Please correct me if i have not understood you correctly.

0 Helpful

Akhil B
Cisco Employee
Cisco Employee
In response to yayasolenet

‎02-21-2011 09:15 PM

Hi,

There is no need to add x.x.x.25 and x.x.x.80 to the outside interface.The outside interface will have the different unique IP address in the same subnet as the x.x.x.25 and x.x.x.80. These are public ip address are uniquely assigned to the private IPs which are being statically translated.

Regards,
Akhil

0 Helpful

csaxena
Cisco Employee
Cisco Employee

‎02-21-2011 09:00 PM

Similarly 8.3 config will look like:

object network obj-10.10.10.1_1

  host 10.10.10.1

nat (inside,outside) static x.x.x.25 service tcp 25 25

object network obj-10.10.10.1_2

  host 10.10.10.1

nat (inside,outside) static x.x.x.80 service tcp 80  80

Hope this helps. Please reply if you need further assistance.

Regards,

Chirag

P.S.: Please mark this thread as answered if you feel your query is answered. Do.rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card