Solved

Add secondary outside IP to interface ASA 5505

Posted on 2014-09-18
2
366 Views
Last Modified: 2014-09-19
I have two outside IPs available for my ASA running 8.3.  The IP assigned on Vlan2 and all the NAT is working fine.
I have a server that needs to have a range of ports available on the outside that are already in use on the outside IP.  
I need to use the second outside IP to use this new range of ports on this single server.

I have added
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface

I have added object Network secondOutsideIP
  host <real IP>
I have added object network InsideHostForThisIP
 host <insideHostIP>
I have added my object-group service portsToOpen tcp-udp
<bunch of ports and ranges>
I have added the ACL -
access-list ACL_Out extended permit tcp any host InsideHostForThisIP object-group portsToOpen

Now, how do I nat (inside,outside) ->please help with remaining code to allow traffic
and
did I miss a step somewhere please?
0
Comment
Question by:davebird
2 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 40332140
0
 

Author Closing Comment

by:davebird
ID: 40332646
That was it. Thank you.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many useful and sometimes not well documented or forgotten IOS or ASA/PIX commands. See IPE article here , there was also one on PacketU and on Cisco Tips & Tricks. Below are my favorites. I give also a few most often used for Cisco IPS an…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question