Announcement

Collapse
No announcement yet.

NAT Specific ports to different IPs with PIX

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • NAT Specific ports to different IPs with PIX

    How can I set up my ASA 5510 to NAT one public IP to two internal IPs dependent on port?

    I want one specific port to be directed to one server and the rest directed to another. Is this possible?

    I can't find how to edit the subject to say ASA....sorry.
    Last edited by tnshurtm; 17th April 2007, 16:27.
    Thank you,

    Marc

  • #2
    Re: NAT Specific ports to different IPs with PIX

    ummm... jeez. thats a pickle. spanning tree? never had to NAT one external to 2 internals.. whys that?

    or do you mean maybe you want two VLANs that one is for your server and one is your wrokstations and you want the ASA to route internet for both VLANs?

    why not create a pool of the two servers if this is for load balancing.. otherwise im lost why you would even want to do this unless it was to accomadate a websense proxy or something weird... so why you wanna do that?
    its easier to beg forgiveness than ask permission.
    Give karma where karma is due...

    Comment


    • #3
      Re: NAT Specific ports to different IPs with PIX

      I don't want to use two public IP addresses. I want one public IP address to point to two internal servers, depending on what port it comes in on.

      I guess a common use could be to use 1 public ip address to host a web server and a mail server.....port 25 and port 80 going to different internal servers.
      Thank you,

      Marc

      Comment


      • #4
        Re: NAT Specific ports to different IPs with PIX

        Ok, so I kinda figured out how to do it.

        static (inside,outside) tcp xxx.xxx.136.254 (port) 192.168.1.184 (port) netmask 255.255.255.255

        The problem is, when I add this NAT statement for just a couple ports, it changes the outgoing IP of that server (.184) to the newly NAT'd IP (.136.254) instead of the default outside interface IP.

        Is there a way around this? Can I have specific ports NAT'd to an internal IP and yet have the web go out using the outside int IP?

        Thank you.
        Thank you,

        Marc

        Comment

        Working...
        X