• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 420
  • Last Modified:

NAT question

I have a temporary outlook server sitting on an inside network and I need to set up OWA . We have a public block of IP's and I assigned a public DNS name to one of them to access the server externally. I added a route on the outside router telling it to route any traffic destined for XXX.XXX.209.9 (address assigned to OWA) to XXX.XXX.209.57 (outside int of ASA). Now I need to figure out what to configure on the asa to say whenever traffic destined for XXX.XXX.XXX.9 hits the outside interface, translate it to and send it to the outlook server.  I know this is simple natting, but I can't figure out which type of rule to use.
1 Solution
This should do it:

access-list outside_access_in extended permit tcp any host xxx.xxx.209.9 eq 443

static (inside,outside) xxx.xxx.209.9 netmask
static (inside,outside) xxx.xxx.209.9 netmask if nothing else is using this outside IP
static (inside,outside) tcp xxx.xxx.209.9 443 443 netmask

The above will also only work if your Exchange server is servicing OWA using SSL, as it should.. some admins like to use 80 also in which case you would also add
static (inside,outside) tcp xxx.xxx.209.9 80 80 netmask
access-list outside_access_in extended permit tcp any host xxx.xxx.209.9 eq 80

This also assumes your access-list is named outside_access_in
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now