Cisco ASA Port Forwarding Using Dynamic NAT
Posted on 2010-09-10
I understand NAT and I understand other routers. Just not sure how these ASAs deal with Dynamic NAT. I have a Cisco ASA5505 and I need to forward SSL to an internal ip address.
I am already using 3 static NATs to other servers in my enviornment. I have one IP address definded as my WAN interface and one definded for dynamic NAT for my other nodes on the network. I only have 5 WAN IP Addresses. See below:
global (outside) 1 interface
global (outside) 1 [WANIPADDRESS #5] netmask 255.0.0.0
nat (inside) 1 192.168.70.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) [WANIPADDRESS #2] 192.168.70.210 netmask 255.255.255.255
static (inside,outside) [WANIPADDRESS #3] 192.168.70.220 netmask 255.255.255.255
static (inside,outside) [WANIPADDRESS #4] 192.168.70.222 netmask 255.255.255.255
access-group inside_access_out in interface inside
access-group outside_access_in in interface outside
What I need to know is can I forward HTTPS to 192.168.70.3 for my [WANIPADDRESS #5]? If so how?
Thaks for your assistance