01-26-2011 12:08 PM - edited 03-11-2019 12:40 PM
Hello folks -
I have a ASA 5510 that is connected to a ISP router over a /30 network. We don't have any more public IP's available from the ISP.
We have two servers inside our DMZ that need to be accessed from the Internet (http,https,ftp). Since we can't configure a static 1-to-1 NAT for the two publicly accessible servers (due to lack of public IP's availability), I am considering configuring port forwarding on the ASA.
My questions are:
1.) Are there any issues with configuring port forwarding on the ASA
2.) If we did have the public IP's available, is one option better than another (as in, which is better, port forwarding or static NAT)?
Thanks,
Solved! Go to Solution.
01-26-2011 12:40 PM
Hello,
There are no performance or security differences between static NAT or static PAT. It is more of a design question of how you want to setup your network/IP addressing scheme. From a functionality standpoint, you can use either (assuming you get more public IPs in the future).
Hope that helps.
-Mike
01-26-2011 12:40 PM
Hello,
There are no performance or security differences between static NAT or static PAT. It is more of a design question of how you want to setup your network/IP addressing scheme. From a functionality standpoint, you can use either (assuming you get more public IPs in the future).
Hope that helps.
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide