?
Solved

Gvie device behind Cisco ASA a public IP

Posted on 2011-09-02
3
Medium Priority
?
800 Views
Last Modified: 2012-05-12
Howdy,
We have a Cisco 5510 running v8.4.2 firmware.  We are currently utilizing it for 1 WAN and 1 LAN.  We have a need to have a device given a public IP (no nat).  What would be the best way to accomplish this without sticking the device in front of the ASA via switch/hub?
Thanks!
0
Comment
Question by:aiscom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Accepted Solution

by:
kdtresh earned 1600 total points
ID: 36474313
if you have an available external ip, you can map it to your internal server and allow the traffic to pass directly to it, similar to this
0
 
LVL 33

Assisted Solution

by:MikeKane
MikeKane earned 400 total points
ID: 36474944
That standard solution will not work in this case since he wants a public IP to go through the ASA.     HOwever, that standard solution is the usual way to get public web requests into an internal server.  

If you want public IP to pas the ASA and go directly into the hosts, then you can use the ASA's 'transparent mode'.       This means the ASA sits inline, does not do any Natting at all.     This is an either or scenario, you can't run transparent for 1 host.   Its all or nothing.  

Look here:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml
0
 

Author Closing Comment

by:aiscom
ID: 36495460
Thanks!
I ended up choosing the 1-to-1 nat option instead.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question