Solved: PAT

beaujoire · ‎07-25-2011

Hi,

I'am using ASA 5510 and I try to understand how PAT is working.

I want to add a Mail Server in the LAN and a webmail using port 3000 on the server. ( webmail must be reachable from the WAN)

This is my Configuration :

Actually LAN users access internet using NAT with one global IP ( 194.x.x.69) which is the ASA WAN interface.

WAN ----- ISP Router ---------- FW ---------- LAN -------- Mail Server + Webmail

| | (25) | (3000)

194.x.x.69 192.168.1.254 192.168.1.6

I need to forward port 3000 and port 25 from outside to inside.

For example, from the WAN : http://mail.domain.com:3000/ must be redirect toward 192.168.1.6:3000 .

What is the Correct Configuration ? And what about the Inside/Outside Traffic,Is there any configuration to add ?

Thank you.

Adam Makovecz · ‎07-25-2011

Hi,

first of all it depends on what version do you run on the ASA. There is a major step between <8.2 and 8.3<

before 8.3:

static (LAN,WAN) tcp 194.x.x.69 3000 192.168.1.6 3000 netmask 255.255.255.255

after 8.3

object network obj-192.168.1.6

host 192.168.1.6

nat (LAN,WAN) static 194.x.x.69 service tcp 3000 www

certianly you have to open the port by ACL.

May be you are interested in the following video:

Adam Makovecz · ‎07-25-2011

Hi,