I dont guess I made a post about adding a static NAT entry into an pre-8.3 version on the Cisco ASA. I have had that question come up, so I thought I would post about that.
You really need two things to accomplish this on an existing firewall. First, a static NAT entry. Second, an entry in your ACL that is applied to your outside interface (if coming in from the outside). Here is a look at what would need to be done.
Lets say you want to add a web server that sits on the inside of your network. I want to be able to web browse to it from the outside. My internal web server is 192.168.30.4. My external IP will be 32.32.32.45. Here is what I would need to do on pre-8.3:
access-list outside permit tcp any host 32.32.32.45 eq www <--- For access in from the outside
static (inside,outside) 32.32.32.45 192.168.30.4 netmask 255.255.255.255 <--- To get you to the server
No comments:
Post a Comment
Your comment will be reviewed for approval. Thank you for submitting your comments.