Cisco ASA 5510 Port Forwarding ASDM
Hi everyone, I'm using the Cisco ASDM gui interface to put a quick port forwarding rule in.
Basically I have a application on our network that needs to be accessed via the web which requires a few ports forwarded.
I followed these two guides located here:
http://www.agrypnia.com/blog/2010/11/17/cisco-asa-port-forwarding-rdp-using-asdm.html
and
http://www.youtube.com/watch?v=MW2_Rc9vj3o
==========================
Everything is going great besides one small problem. Being a little bit of a newbie I want to ask your advise on what should I do.
I put the NAT static rule in for port 22 for example and it worked just fine...
However when I put the NAT static rule in for 443, it states it will not let me do this, because the static rule is already been applied somewhere else...which shows me there is indeed a rule already in place, but it's pointing towards our small business server.
I need this ported forwarded also to point to this other application server I have.
How do I go about this without screwing up the config for the small business server?
Basically I have a application on our network that needs to be accessed via the web which requires a few ports forwarded.
I followed these two guides located here:
http://www.agrypnia.com/blog/2010/11/17/cisco-asa-port-forwarding-rdp-using-asdm.html
and
http://www.youtube.com/watch?v=MW2_Rc9vj3o
==========================
Everything is going great besides one small problem. Being a little bit of a newbie I want to ask your advise on what should I do.
I put the NAT static rule in for port 22 for example and it worked just fine...
However when I put the NAT static rule in for 443, it states it will not let me do this, because the static rule is already been applied somewhere else...which shows me there is indeed a rule already in place, but it's pointing towards our small business server.
I need this ported forwarded also to point to this other application server I have.
How do I go about this without screwing up the config for the small business server?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone, that was very helpful. I ended up using another IP just because we had one not in use, and I figured I would change the ports for any other application if they have to use the same ports in the future. It's nice to know I can do that though.
Everything is working great now, thanks!
Everything is working great now, thanks!
ASKER
Would we need a interface dedicated for each IP address? I see for example on our main outside address it states:
interface Ethernet0/0
nameif outside
security-level 100
ip address 1.1.1.1 255.255.255.128
However for the other one in use already at (2.2.2.2) I don't see a interface created for it, looks like it's just defined in the nat and access rules.
Will that be all that I have to do?