Link to home
Start Free TrialLog in
Avatar of gopher_49
gopher_49

asked on

PAT's on the outside interface of a ASA 5510

I have an ASA 5510 with two public subnets... The first subnet has an IP address allocated to the outside interface of the ASA...  That's it only function...  Now..  I've ran out of public IP's and I need to create a PAT for ports 80, 443, 4307, and 4310...  In the past I tried creating a PAT via my outside interface and had issues..  Is this possible?  Can someone lead me in the right direction?  I normally do the below commands to create a PAT on one of my public IPs..  How would I do that for my outside interface/IP?

object network obj-192.168.1.131
host 192.168.1.131

access-list outside extended permit tcp any host 192.168.1.131 eq https

object network obj-192.168.1.131
nat (inside,outside) static MypublicIP service tcp https https

access-group outside in interface outside
ASKER CERTIFIED SOLUTION
Avatar of SIM50
SIM50
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Michael Ortega
I believe you want to PAT on one of the usable public IP's, but not the global IP that's assigned to the outside interface itself, right? If that's the case, simply reference the IP from your usable block that you want to use in place of "MypublicIP" and you should be good.

MO
Avatar of gopher_49
gopher_49

ASKER

Oh yea.  I forgot about that.  Guess I'll need more IPs.