Cisco ASA 5510 - Two external IP address forwarding to port 80 on different web servers

I have a Cisco ASA 5510 and I need to port forward port 80 to two different servers.  One needs to forward to my mail server and the other to a Sharepoint server.  I currently have one external static IP address.  After doing a lot of research it appearently is not possible to port forward one external static IP to two different servers using the same port number.  I read a couple of places that you need aditional static IPs to do this.  

Is this information correct?  Is that what I need to make this work?  Any problems with routing etc when configuring an additional "Outside Interface" on the ASA?

Thanks for the advise.
SihleInsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rauenpcCommented:
What you read was correct. If you were to obtain additional IP addresses from your ISP they would either change your outside address to have a larger subnet, or they would allot you an unrelated IP address. You wouldn't need to configure that IP on any physical interface, you would just need to nat to that IP. Both methods are very common and work well, so just call your ISP and ask what options you have to get more public IP's and they will give you their options.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SihleInsAuthor Commented:
Can you explain how to "nat to that IP" without configuring on a physcial interface?  In my NAT rules I have to select a physcial interface under "Translated"  I do see the option "Use IP Address" is it as simple as entering that new IP static IP here?  Would I don't need to configure that IP address anywhere else in the ASA for this to work?
0
rauenpcCommented:
That's correct... you can just enter the IP address. When you get additional IP's in this manner, your ISP essentially just sets a static route pointed at your firewall for the new IP's. Your firewall simply looks for the destination IP in the packets, sees if there is a rule or nat statement for that destination, and deals with the packet from there. As long as you have the nat rule and acl set to allow traffic, life is good.
0
SihleInsAuthor Commented:
I was waiting to get the additional IP from my ISP and test this before awarding points.  Your solution was SPOT ON.  Thank you so much I was unaware that you could have multiple IPs on the same circuit and assign them different ports on the ASA without an additional physcial connection.  The solution was so easy once you explained it.  Thanks again!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.