We help IT Professionals succeed at work.

External IP Address Configuration

aromeo409
aromeo409 asked
on
383 Views
Last Modified: 2009-07-29
I currently have an SBS Server connected to the Internet via a ASA 5505 and I want to connect a website on an additional Windows 2003 server on my network. My SBS Server is connected to the current interface. I some assistence in configuring an additional Public IP Address for my CISCO ASA 5505. I would like to configure an additional outside interface. I currently have 5 public IP addresses assigned by my ISP. The current outside interface is 216.178.X.1 and I would like to add an additional IP Address 216.178.X .2to my outside interface so I can connect the additional website from my second Windows 2003 server.

Thanks!
Comment
Watch Question

you don't actually need to add the IP address to the asa, you just need to create a NAT for it.

(assuming 192.168.1.2 is the IP address of your second internal server)

static (inside,outside) 216.178.x.2 192.168.1.2 netmask 255.255.255.255

then you modify the access list, which will look something like this (depending on your current access-list)

access-list outside_access_in line 2 permit tcp any host 216.178.x.2 eq www

Author

Commented:
Thanks, I'll give it a shot.

Author

Commented:
Execuse my ignorance, but to what access list do I this to?
are you doing this from asdm or terminal?

if you're on a terminal, do 'sh run | grep access-group'

this will output something like

access-group outside_access_in in interface outside

this means that the access list named 'outside_access_in' is applied to traffic inbound to the interface outside (coming in from internet)
look for the one that is on interface outside.

then, run 'sh access-list '
this will show you the actual access-list, line by line.   determine where is the best place to put the rule.  (before the deny rules)  If in doubt, it will be ok at rule 1

then, do the following

conf t
access-list  line <#> permit tcp any host 216.178.x.2 eq www
static (inside,outside) 216.178.x.2 192.168.1.2 netmask 255.255.255.255
end

if you're doing this in asdm, i'll need to know which version of asdm you're doing it in to walk you through the easiest, but basically, goto the firewall configuration page, access-lists, and look for the outside interface.  Add a line and put the same information in. (source any, dest 216.178.x.2, port tcp:80, permit)
then goto the NAT/translation page, and create a new static entry.  (the logic may seem backwards) inside source = 192.168.x.2, translated = outside and 216.178.x.2.

Author

Commented:
I'm doing this fro the ADSM v1.5(20). Thanks!
asdm 1.5(20) ???  do you mean 5.01?  That's the oldest version out for the asa.


Let me know if you need more help.

Author

Commented:
I'm sorry it's 5.2
did you get this working yet?

Author

Commented:
I haven't made the change yet. I'm waiting for the Web Developer to finish his coding and I will flip the switch. I looked the in the ADSM and I din't see a firewall configuration page. It is some where else?
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks. That works great....

Author

Commented:
Thanks!

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.