There is one config that I can not figure out how to translate it over...
ip nat inside source static 10.4.200.29 184.108.40.206
ip nat inside source static 10.4.200.25 220.127.116.11
How do I do this on the ASA 8.2.5? (came from a 2800 router running ver 12.3(8r))
Go to Solution.
assuming you've already defined the inside and outside interfaces on your ASA, could you try:
static (inside,outside) 18.104.22.168 10.4.200.29 netmask 255.255.255.255
static (inside,outside) 22.214.171.124 10.4.200.25 netmask 255.255.255.255
View solution in original post
So it does not seem to do what I am expecting it to do.
I have a web server on each of those addresses, and the outside address is the 27.x.x.x and the ip address on the server is the 10.x.x.x
After adding the config you suggested, I can not access the web servers from the out side, is it possible i need to open an access list the ports as well?
Yeah, You are missing the ACL.
On an ASA when going from a lower security level to a higher there is a requirement of an ACL in order to the traffic to be allowed.
access-list out-in permit tcp any host 27.x.x.x eq 80
acces-group out-in in interface outside
For more information about Core and Security Networking follow my website at http://laguiadelnetworking.com Any question contact me at firstname.lastname@example.org Cheers, Julio Carvajal Segura
I agree with Julio. Traffic coming from the Internet with hit ACL first then your NAT rules.Please help rate useful posts.Sent from Cisco Technical Support iPhone App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: