10-04-2012 12:39 AM - edited 03-11-2019 05:03 PM
Hi Folks,
Can I use Same public ip for two different internal ips with different ports and can i user same public ip for two different internal ips with same ports
static (inside,outside) tcp 115.248.153.252 6303 192.168.22.19 6303 netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 http 192.168.22.19 http netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 http 192.168.22.20 http netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 https 192.168.22.20 https netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 6303 192.168.22.21 6303 netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 http 192.168.22.22 http netmask 255.255.255.255
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
Solved! Go to Solution.
10-04-2012 06:17 AM
No, you can't use the same public ip to NAT to two different internal IP Address using the same port.
static (inside,outside) tcp 115.248.153.252 6303 192.168.22.19 6303 netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 6303 192.168.22.21 6303 netmask 255.255.255.255
For the above 2 static PAT for example, when traffic is coming inbound towards 115.248.153.252 on port 6303, the ASA would not know whether to NAT it back to 192.168.22.19 or 192.168.22.21 because both is using the same port.
10-04-2012 06:17 AM
No, you can't use the same public ip to NAT to two different internal IP Address using the same port.
static (inside,outside) tcp 115.248.153.252 6303 192.168.22.19 6303 netmask 255.255.255.255
static (inside,outside) tcp 115.248.153.252 6303 192.168.22.21 6303 netmask 255.255.255.255
For the above 2 static PAT for example, when traffic is coming inbound towards 115.248.153.252 on port 6303, the ASA would not know whether to NAT it back to 192.168.22.19 or 192.168.22.21 because both is using the same port.
10-04-2012 09:46 PM
Dear Jennifer Halim,
Thanks for your reply now I understand the reason why it is like that.
So you mean to say we can NAT the Same public IP to different ips with different ports.
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
10-04-2012 10:02 PM
Absolutely correct.
You can also NAT the same public IP to the same private IP with different ports.
So you can:
- NAT the Same public IP to different ips with different ports
- NAT the same public IP to the same private IP with different ports
10-04-2012 10:53 PM
Thanks Jennifer Halim,
I also have gone through your earlier postings,
Remote VPN Access Problem
static nat or static policy nat, this is answered by jounniForss and yourself, both in different way but in useful manner.
Backup Site-2-Site VPN Tunnel from remote office to Head Office on two ASA 5510 with different Public IP
Attribute Mapping not taking affect
Port Forwarding Help!!
thanks once again, thanks to cisco for support forum.
Thanks to everyone who is questioning and Thanks to everyone who is answering.
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
10-04-2012 11:23 PM
Thanks Thanveer.. Much appreciated.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide