Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 412
  • Last Modified:

NAT question

I have a temporary outlook server sitting on an inside network and I need to set up OWA . We have a public block of IP's and I assigned a public DNS name to one of them to access the server externally. I added a route on the outside router telling it to route any traffic destined for XXX.XXX.209.9 (address assigned to OWA) to XXX.XXX.209.57 (outside int of ASA). Now I need to figure out what to configure on the asa to say whenever traffic destined for XXX.XXX.XXX.9 hits the outside interface, translate it to and send it to the outlook server.  I know this is simple natting, but I can't figure out which type of rule to use.
1 Solution
This should do it:

access-list outside_access_in extended permit tcp any host xxx.xxx.209.9 eq 443

static (inside,outside) xxx.xxx.209.9 netmask
static (inside,outside) xxx.xxx.209.9 netmask if nothing else is using this outside IP
static (inside,outside) tcp xxx.xxx.209.9 443 443 netmask

The above will also only work if your Exchange server is servicing OWA using SSL, as it should.. some admins like to use 80 also in which case you would also add
static (inside,outside) tcp xxx.xxx.209.9 80 80 netmask
access-list outside_access_in extended permit tcp any host xxx.xxx.209.9 eq 80

This also assumes your access-list is named outside_access_in

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now