IP Addressing Problem

Janardhan Meesala · ‎03-26-2011

Dear Support-Team,

I am configuring ASA 5510.

My ISP given /28 pool of public IP's. So i had total 14 available IP addresses.

I configured one IP to the my firewall outside interface. I want assign remaining IP's to the my Servers, which are located inside to the firewall.

How to configure this problem???

Regards,

Janardhan

Shilpa Gupta · ‎03-26-2011

Hi,

As per my understanding, you have servers on the inside and you have free ip pool and you would like to assign these ip to the server so that you can access them by using the public ip.

You can use one to one NAT translation by using static command:-

static (real_interface,mapped_interface) mapped_ip real_ip netmask mask

Please find the reference link below:-

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008046f31a.shtml#t12

Thanks,
Shilpa

Jon Marshall · ‎03-26-2011

Jannu1986 wrote:
Dear Support-Team,
I am configuring ASA 5510.
My ISP given /28 pool of public IP's. So i had total 14 available IP addresses.
I configured one IP to the my firewall outside interface. I want assign remaining IP's to the my Servers, which are located inside to the firewall.
How to configure this problem???
Regards,
Janardhan

You would configure static NAT entries eg.

mail server on inside = 192.168.5.10

web server on inside = 192.168.6.11

static (inside,outside) 192.168.5.10

static (inside,outside) 192.168.5.11

and then allow access in the access-list attached to the outside interface eg,

access-list outside_in permit tcp any host eq 25

access-list outside_in permit tcp any host eq 80

access-group outside_in in interface outside

note if you want to save on public IPs instead of using 2 additional ones as above you can simply use the same one eg -

static (inside,outside) tcp 25 192.168.5.10 25

static (inside,outside) tcp 80 192,.168.5.11 80

and then modify the acl accordingly.

Jon