Solved

Add secondary outside IP to interface ASA 5505

Posted on 2014-09-18
2
352 Views
Last Modified: 2014-09-19
I have two outside IPs available for my ASA running 8.3.  The IP assigned on Vlan2 and all the NAT is working fine.
I have a server that needs to have a range of ports available on the outside that are already in use on the outside IP.  
I need to use the second outside IP to use this new range of ports on this single server.

I have added
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface

I have added object Network secondOutsideIP
  host <real IP>
I have added object network InsideHostForThisIP
 host <insideHostIP>
I have added my object-group service portsToOpen tcp-udp
<bunch of ports and ranges>
I have added the ACL -
access-list ACL_Out extended permit tcp any host InsideHostForThisIP object-group portsToOpen

Now, how do I nat (inside,outside) ->please help with remaining code to allow traffic
and
did I miss a step somewhere please?
0
Comment
Question by:davebird
2 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 40332140
0
 

Author Closing Comment

by:davebird
ID: 40332646
That was it. Thank you.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now