cisco20
asked on
ASA5510 Natting an inside server to public iip
Whats the most secure way to nat a public ip to an inside server that requires access to from the internet on a specific tcp port ?
Oops, first line should be:
Access-list outside permit tcp any host outside_ip eq port
If your ASA is 8.3 or higher, there are some changes to this though.
Access-list outside permit tcp any host outside_ip eq port
If your ASA is 8.3 or higher, there are some changes to this though.
ASKER
So for example if the port is rdp 3389 add it to both instances ?
static (inside,outside) tcp outside_ip port inside_ip port
static (inside,outside) tcp outside_ip port inside_ip port
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Access-list outside permit tcp any host eq port
static (inside,outside) tcp outside_ip port inside_ip port netmask 255.255.255.255
access-group outside in interface outside
This way you only open up one port to the inside.