cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3478
Views
0
Helpful
7
Replies

two IP outside Cisco ASA 5505

Dear,

escribe my situation:

What I need is to configure two IP addresses public my ISP  in my ASA.

To respond from the Internet: a IP for my web server and DB and the other applications,

vpn, etc.

I have an ASA 5505 with lincencia Securuty Plus.

The network in the organization is:

Outside

Inside

DMZ

In the DMZy  come to a single IP internet.

One of them is web applications and database, what I'm looking to do is that you can access these applications from the Internet to an IP different from today.

For more detail current configuration attachment.

From already thank you for your cooperation.

7 Replies 7

praiyeng
Cisco Employee
Cisco Employee

Hi,

I am unable to get the exact requirement.

Provide an appropirate problem description.

I need to provide access from the Internet by two public IP:

x.x.x.12 for vpn, http (dmz server1)
x.x.x.13 for http, https, DB. (Server2 dmz)

thank you!

Correct me if i am wrong :

Problem Description:

-------------------------------

Port forward http to x.x.x.12 on the dmz and  the https and DB to x.x.x.13 on the dmz.

Which port would the DB work on ?

Do you want the servers to be visible by the interface ip in the Internet

I need use two IP public adress in outside assigned for my ISP

precisely, i need Port forward for public direfent adrees IP.

server1 - 8080 http, https to: x.x.x.12

ASA - vpn to: x.x.x.12

Server2 - SMTP, http, https, 8086 to: x.x.x.13

The por of BBDD is 8086

Currently only be accessed from the Internet server1 and ASA

thanks!

Port forwarding can be achieved by the following command if you are running ASA <8.3 :

static [(internal_if_name, external_if_name)] {tcp|udp} {global_ip|interface} global_port local_ip local_port 

hi!

very thanks! it is the configuration:

static (dmz,outside) tcp x.x.x.13 www server2 www netmask 255.255.255.255

static (dmz,outside) tcp x.x.x.13 https server2 https netmask 255.255.255.255

access-list outside_access_in extended permit tcp any host x.x.x.13 eq www

access-list outside_access_in extended permit tcp any host x.x.x.13 eq https

We reported the news after setting ASA.

You have setup for http and https ?

You need the setup for other 2 right ?

static (dmz,outside) tcp x.x.x.13 smtp server2 smtp netmask 255.255.255.255

static (dmz,outside) tcp x.x.x.13 8086 server2 8086 netmask 255.255.255.255

access-list outside_access_in extended permit tcp any host x.x.x.13 eq smtp

access-list outside_access_in extended permit tcp any host x.x.x.13 eq 8086

Review Cisco Networking for a $25 gift card