Cisco ASA Port Forwarding Using Dynamic NAT

Posted on 2010-09-10
Medium Priority
Last Modified: 2012-05-10
I understand NAT and I understand other routers.  Just not sure how these ASAs deal with Dynamic NAT. I have a Cisco ASA5505 and I need to forward SSL to an internal ip address.
I am already using 3 static NATs to other servers in my enviornment.  I have one IP address definded as my WAN interface and one definded for dynamic NAT for my other nodes on the network.  I only have 5 WAN IP Addresses. See below:

global (outside) 1 interface
global (outside) 1 [WANIPADDRESS #5] netmask
nat (inside) 1
nat (inside) 1
static (inside,outside) [WANIPADDRESS #2] netmask
static (inside,outside) [WANIPADDRESS #3] netmask
static (inside,outside) [WANIPADDRESS #4] netmask
access-group inside_access_out in interface inside
access-group outside_access_in in interface outside

What I need to know is can I forward HTTPS to for my [WANIPADDRESS #5]?  If so how?

Thaks for your assistance

Question by:Neadom Tucker

Assisted Solution

BooSTid earned 800 total points
ID: 33647381
Following line is the syntax for just doing individual ports (PAT rather then NAT)

static (inside,outside) tcp [WANIPADDRESS 5] 443 443 netmask                            

Accepted Solution

ullas_unni earned 1200 total points
ID: 33648587
what BooSTid posted is the command for static and make sure you have :

access-list outside_access_in permit tcp any host [WANIPADDRESS 5] eq 443

another thing i noticed is you have:

global (outside) 1 interface
global (outside) 1 [WANIPADDRESS #5] netmask
nat (inside) 1
nat (inside) 1

i guess

nat (inside) 1
global (outside) 1 interface

should be sufficient for your other nodes considering is your internal network.
so like that you get WANADDRESS#5 free for the static.


Author Closing Comment

by:Neadom Tucker
ID: 33650293
Thanks for you help

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question