Question

Locked

help to configure Cisco ASA 5540

By punyarthisa ·
Hello..

I want to configure ASA so that the Intranet users on private IP class on outside interface should be able to access the web server on inside interface of ASA.

I tried with giving access list and NATing in similar as i do for giving web server access on internet public ip on outside interface. But its not working with Intranet IPs.

pls help to resolve this problem.....

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

static nat

by SYNner In reply to help to configure Cisco A ...

To allow access from the outside to an inside server, you need a static translation and ACLs.

ex: web server: 192.168.1.32/24
outside: 192.168.2.0/24

static (inside,outside) 192.168.2.32 192.168.1.32 netmask 255.255.255.255

access-list 100 permit any host 192.168.2.32 eq 80

access-group 100 in int outside


NOTE: I'm only doing this from memory (not connected to my pix at this time). Some of the commands may need other parameters. But the idea is to create a static translation, create an access-list to allow the desired traffic and apply that access-list to the correct interface.

The above example defines the inside webserver at 192.168.1.32 to appear on the oustide as 192.168.2.32. Access is given to the global address (not the private inside address). The ACL is applied to the inbound outside interface.

Back to Networks Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums