whocaresaboutit
asked on
CISCO ASA 5505
I need to:
1) assign another public IP (99.99.99.99) to vlan2
2) enable remote desktop from that public IP to a computer connected to the vlan1 using the local ip 10.0.10.99
1) assign another public IP (99.99.99.99) to vlan2
2) enable remote desktop from that public IP to a computer connected to the vlan1 using the local ip 10.0.10.99
ASKER
When I did you what you said, it changed the existing IP... I want to assign an aditional public IP
For most application, I do not see a need to assign another public IP to the interface. Why you need the other IP? If you just want to map an internal server, you can easily done w/ static statement without changing anything to the public IP, e.g.
interface Vlan2
nameif outside
security-level 0
! Pls change subnet mask 255.255.255.224 to what is really use
ip address 99.99.99.98 255.255.255.224
access-list outside_access_in extended permit tcp any host 99.99.99.99 eq 3389
static (inside,outside) tcp 99.99.99.99 3389 10.0.10.99 3389 netmask 255.255.255.255
interface Vlan2
nameif outside
security-level 0
! Pls change subnet mask 255.255.255.224 to what is really use
ip address 99.99.99.98 255.255.255.224
access-list outside_access_in extended permit tcp any host 99.99.99.99 eq 3389
static (inside,outside) tcp 99.99.99.99 3389 10.0.10.99 3389 netmask 255.255.255.255
ASKER
I am going to publish services from several servers to different public IP's.
For example, I am going to have multiple web servers available for different clients,
serverA / www.domainA.com / 99.99.99.95
serverB / www.domainB.com / 99.99.99.96
serverC / www.domainC.com / 99.99.99.97
For example, I am going to have multiple web servers available for different clients,
serverA / www.domainA.com / 99.99.99.95
serverB / www.domainB.com / 99.99.99.96
serverC / www.domainC.com / 99.99.99.97
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
GuruChiu is correct. you don't add additional IPs to an interface on an ASA. you just add static commands to "add" additional IPs.
nameif outside
security-level 0
! Pls change subnet mask 255.255.255.224 to what is really use
ip address 99.99.99.99 255.255.255.224
access-list outside_access_in extended permit tcp any host 99.99.99.99 eq 3389
static (inside,outside) tcp 99.99.99.99 3389 10.0.10.99 3389 netmask 255.255.255.255