cisco asa pass same port to two different servers

I am working on transitioning from an exchange 2007 server to an exchange 2013 server and have routed email to the new server by changing my asa port forwarding to the new ip address.

However during this transition process I need outside access to the old legacy server also for OWA. Thus I need port 443 to be able to forward to both the old exchange and the new exchange server as the owa process currently is going to the new server and it is passing it on to the legacy server when the mailbox is on the old server.

This process works perfectly fine inside the network but from the outside the legacy server can not be seen.

I added the 443 rules again for the legacy server and got a warning in the nat rules about overlapping.

Bottom line is it still does not work from the outside but works fine from the inside.

So how to a get a Cisco ASA 5505 to be able to pass 443 traffic based on server name etc.

Thanks!
LVL 1
dpcsitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave HoweSoftware and Hardware EngineerCommented:
You can't. what you need is a box able to direct traffic based on some arbitrary content (SNI might work) and an ASA isn't anywhere near advanced enough to do that.  You are more probably looking at some sort of content load balancing, so should (probably) pass it though to a box that can do that.  There are commercial load balancers that can do this for you, or if you are looking for something free (given its a short-term need) you could pass the 443 traffic to a webserver (such as apache with mod_proxy) and use name based virtual hosting to direct the traffic at the back end to the appropriate internal host based on inbound name.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dpcsitAuthor Commented:
Answered my question of how!
0
Dave HoweSoftware and Hardware EngineerCommented:
do give apache+mod_proxy a try though. you should be able to run that on windows, and pass the traffic selectively to your two OWS boxes depending on hostname.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.