• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 420
  • Last Modified:

NAT question

I have a temporary outlook server sitting on an inside network and I need to set up OWA . We have a public block of IP's and I assigned a public DNS name to one of them to access the server externally. I added a route on the outside router telling it to route any traffic destined for XXX.XXX.209.9 (address assigned to OWA) to XXX.XXX.209.57 (outside int of ASA). Now I need to figure out what to configure on the asa to say whenever traffic destined for XXX.XXX.XXX.9 hits the outside interface, translate it to 10.0.0.237 and send it to the outlook server.  I know this is simple natting, but I can't figure out which type of rule to use.
0
downscm
Asked:
downscm
1 Solution
 
JFrederick29Commented:
This should do it:

access-list outside_access_in extended permit tcp any host xxx.xxx.209.9 eq 443

static (inside,outside) xxx.xxx.209.9 10.0.0.237 netmask 255.255.255.255
0
 
jcs5003Commented:
static (inside,outside) xxx.xxx.209.9 10.0.0.237 netmask 255.255.255.255 if nothing else is using this outside IP
static (inside,outside) tcp xxx.xxx.209.9 443 10.0.0.237 443 netmask 255.255.255.255

The above will also only work if your Exchange server is servicing OWA using SSL, as it should.. some admins like to use 80 also in which case you would also add
static (inside,outside) tcp xxx.xxx.209.9 80 10.0.0.237 80 netmask 255.255.255.255
access-list outside_access_in extended permit tcp any host xxx.xxx.209.9 eq 80


This also assumes your access-list is named outside_access_in
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now