ASA 5505: Multiple NAT statements for specific IP addresses

- A
- Andrew Hodgson
  
  Contact options for registered users
posted
15 years ago

Sun, Oct 19, 2008 10:21 AM

Hi,

I have the need to present a machine on the outside interface on a specific IP address like this:

static (inside,outside) xx.xx.xx.211 192.168.1.10 netmask

255.255.255.240

So that 192.168.1.10 is on the outside on xx.xx.xx.211.

However, I also wish to present the DNS port on the inside (5353) on the outside on port 53. If I add this rule underneath my previous rule:

static (inside,outside) xx.xx.xx.211 53 192.168.1.10 5353 netmask

255.255.255.240

Will this work, or will the rule above it take over so that port 53 on the outside will map to port 53 on the inside? If so, what is the best approach, to put the second rule first, or to map port 5353 on

192.168.1.10 to a different external IP address?

Thanks. Andrew.

Loading thread data ...

- M
- Martin Bilgrav
  
  Contact options for registered users
Vote on answer
posted
15 years ago

Thu, Oct 23, 2008 8:16 PM

i am not sure about port static first or IP static, but you must use netmask

255.255.255.255 and UDP or TCP statements in your port statement. Give it a try ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.