• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 321
  • Last Modified:

CISCO ASA 5505

I need to:

1) assign another public IP (99.99.99.99) to vlan2
2) enable remote desktop from that public IP to a computer connected to the vlan1 using the local ip 10.0.10.99
0
whocaresaboutit
Asked:
whocaresaboutit
  • 3
  • 2
1 Solution
 
GuruChiuCommented:
interface Vlan2
 nameif outside
 security-level 0
! Pls change subnet mask 255.255.255.224 to what is really use
 ip address 99.99.99.99 255.255.255.224
access-list outside_access_in extended permit tcp any host 99.99.99.99 eq 3389
static (inside,outside) tcp 99.99.99.99 3389 10.0.10.99 3389 netmask 255.255.255.255
0
 
whocaresaboutitAuthor Commented:
When I did you what you said, it changed the existing IP... I want to assign an aditional public IP
0
 
GuruChiuCommented:
For most application, I do not see a need to assign another public IP to the interface. Why you need the other IP? If you just want to map an internal server, you can easily done w/ static statement without changing anything to the public IP, e.g.
interface Vlan2
 nameif outside
 security-level 0
! Pls change subnet mask 255.255.255.224 to what is really use
 ip address 99.99.99.98 255.255.255.224
access-list outside_access_in extended permit tcp any host 99.99.99.99 eq 3389
static (inside,outside) tcp 99.99.99.99 3389 10.0.10.99 3389 netmask 255.255.255.255
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
whocaresaboutitAuthor Commented:
I am going to publish services from several servers to different public IP's.

For example, I am going to have multiple web servers available for different clients,
serverA / www.domainA.com / 99.99.99.95
serverB / www.domainB.com / 99.99.99.96
serverC / www.domainC.com / 99.99.99.97

0
 
GuruChiuCommented:
Same:

interface Vlan2
 nameif outside
 security-level 0
! Pls change subnet mask 255.255.255.192 to what is really use
 ip address 99.99.99.99 255.255.255.192
access-list outside_access_in extended permit tcp any host 99.99.99.99 eq 3389
static (inside,outside)  99.99.99.95  10.0.10.95  netmask 255.255.255.255
static (inside,outside)  99.99.99.96  10.0.10.96  netmask 255.255.255.255
static (inside,outside)  99.99.99.97  10.0.10.97  netmask 255.255.255.255
0
 
Cyclops3590Commented:
GuruChiu is correct.  you don't add additional IPs to an interface on an ASA.  you just add static commands to "add" additional IPs.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now