Cisco ASA 5505 - Multiple Public IP's going to the same internal PRIVATE IP address

Is there any way to configure a Cisco ASA to have (2) Public IP's point to the same internal resource?  I.E. have an FTP server available on (2) separate IP's pointing to the same internal IP address?

When I try to configure this, the CLI complains about an existing NAT and does not allow the command to be entered.
LVL 5
jkeegan123Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Henk van AchterbergConnect With a Mentor Sr. Technical ConsultantCommented:
Try this (please use ASA 9.1(3) FW):

nat (outside,inside) source static any any destination static EXTIP1 FTPSERVER service ftp ftp unidirectional no-proxy-arp
nat (outside,inside) source static any any destination static EXTIP2 FTPSERVER service ftp ftp unidirectional no-proxy-arp

Open in new window


make objects for EXTIP1, EXTIP2 and FTPSERVER!
0
 
Fred MarshallPrincipalCommented:
It's a little unusual I should think to have a port with a public IP address "point to" a single internal IP address via NAT.  And then another doing the same thing to the same internal address.

If that's the case then I should think you would route without NAT at all.  That's a more classical router function without the embellishment of NAT.  So, packets coming in from a particular port with a public address would be routed to a port toward a particular private IP address range which would have the size of 1.
There could be multiple public ports that way and multiple routes to the private port/range.

e.g.  1.1.1.1 to `192.168.1.1/32 i.e. 255.255.255.255
and 2.2.2.2 to 192.168.1.1/32 also.
and no NAT.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.