
NAT/PAT: 1 external IP to many internal IP's w/same port numbers

phusion2k
Level 1

I'm trying to figure out if the following is possible to do on an ASA5512 running 9.2(4)5.

- set it for one external IP to many internal IPs with the same ports for the internal IPs

external IP: 5.5.5.5 ports 80 and 443

internal IP#1: 192.168.1.31 ports 80 and 443

internal IP#2: 192.168.1.48 ports 80 and 443

I've looked and found many articles that talk about many external IPs to one internal IP, but not this way, especially since we want to use the same port numbers.

Let me know.

Accepted Solutions

Ajay Saini
Level 7

Unfortunately, it won't work. You have to set at least one thing unique - either the port number or the IP address. If you specify 2 NAT statements on the ASA with the same external IP address 5.5.5.5 and port 80/443, the first NAT statement will always work and the NAT statement lower in the order will never be honored. Unless you wish to hand over this request to a load balancer and bifurcate the traffic on the basis of the HTTP header, it will not work.

-

AJ

2 Replies

Francesco Molino
VIP Alumni

Hi

You won't be able to achieve that.

You need to map the real port of the 2nd server to another port in order to be able to use the same public IP.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
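
The port remapping described in the replies above, as an added example that is not part of the original thread: object NAT (static PAT) for ASA 8.3 and later, where the first server keeps ports 80/443 on 5.5.5.5 and the second server is published on different mapped ports. The interface names `inside`/`outside`, the object and ACL names, the mapped ports 8080/8443 and the test source address are assumptions.

```cisco
! Added example. Assumed names: interfaces inside/outside, objects WEB*,
! ACL OUTSIDE-IN. Mapped ports 8080/8443 are an arbitrary choice.
! Addresses are the ones given in the question.

! Server 1: published on the standard ports of 5.5.5.5
object network WEB1-HTTP
 host 192.168.1.31
 nat (inside,outside) static 5.5.5.5 service tcp 80 80
object network WEB1-HTTPS
 host 192.168.1.31
 nat (inside,outside) static 5.5.5.5 service tcp 443 443

! Server 2: same real ports, but unique mapped ports on 5.5.5.5.
! Syntax is "service tcp <real-port> <mapped-port>".
object network WEB2-HTTP
 host 192.168.1.48
 nat (inside,outside) static 5.5.5.5 service tcp 80 8080
object network WEB2-HTTPS
 host 192.168.1.48
 nat (inside,outside) static 5.5.5.5 service tcp 443 8443

! On 8.3+ the interface ACL matches the REAL (post-NAT) address and port,
! so both servers are permitted on 80/443, not on 8080/8443.
! Permit only the published services rather than "ip any".
access-list OUTSIDE-IN extended permit tcp any host 192.168.1.31 eq 80
access-list OUTSIDE-IN extended permit tcp any host 192.168.1.31 eq 443
access-list OUTSIDE-IN extended permit tcp any host 192.168.1.48 eq 80
access-list OUTSIDE-IN extended permit tcp any host 192.168.1.48 eq 443
access-group OUTSIDE-IN in interface outside

! Verification (203.0.113.10 is a constructed outside source address):
!   show nat detail
!   packet-tracer input outside tcp 203.0.113.10 12345 5.5.5.5 8443
! The packet-tracer output should show an un-translate to 192.168.1.48/443.
```

If 5.5.5.5 is the outside interface's own address, the `interface` keyword takes the place of the address in each `nat` line.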
