• Creator
  • #2149603

    help to configure Cisco ASA 5540


    by punyarthisa ·


    I want to configure ASA so that the Intranet users on private IP class on outside interface should be able to access the web server on inside interface of ASA.

    I tried with giving access list and NATing in similar as i do for giving web server access on internet public ip on outside interface. But its not working with Intranet IPs.

    pls help to resolve this problem…..

All Answers

  • Author
    • #2913290


      by punyarthisa ·

      In reply to help to configure Cisco ASA 5540


    • #2914225

      static nat

      by synner ·

      In reply to help to configure Cisco ASA 5540

      To allow access from the outside to an inside server, you need a static translation and ACLs.

      ex: web server:

      static (inside,outside) netmask

      access-list 100 permit any host eq 80

      access-group 100 in int outside

      NOTE: I’m only doing this from memory (not connected to my pix at this time). Some of the commands may need other parameters. But the idea is to create a static translation, create an access-list to allow the desired traffic and apply that access-list to the correct interface.

      The above example defines the inside webserver at to appear on the oustide as Access is given to the global address (not the private inside address). The ACL is applied to the inbound outside interface.

Viewing 1 reply thread