Cisco ASA Multiple Public IP
Posted
by
KGDI
on Server Fault
See other posts from Server Fault
or by KGDI
Published on 2012-09-10T10:51:38Z
Indexed on
2012/09/10
15:40 UTC
Read the original article
Hit count: 159
I have a Cisco ASA5510 and articles related to ASA and mulitple Public IP says this cant be done. My question is how to best solve a scenario like this:
I have 3 zones, Outside, Inside and DMZ
- Outside is Internet
- Inside is Client machines
- DMZ is a zone for servers related to external and internal services.
My scenario is a bit more complex, but to keep things simple this will do:
I want to place an Exchange server and a web server (externally reachable in the DMZ zone)
The webserver uses both TCP80/443, the Exchange server uses 443
So to the problem: With the ASA only having one public IP, how would you make a DNAT to port 443 on both the internal hosts behind 1 Public IP? Usually, when i do this kind of scenario With Linux boxes i use alias Interfaces like eth0:0, eth0:1 and set 1 Public IP on each.
To me this must be a pretty common scenario, any ideas on how to solve it With ASA?
/KGDI
© Server Fault or respective owner