Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Open port 80 using outside IP

Status
Not open for further replies.
msworld

msworld

MIS
Joined
Jun 28, 2005
Messages
534
Location
US
We are using Cisco ASA 5510 as a gateway. We are out of the public IP addresses for hosting web sites. Can we use the outside IP (public/WAN IP) for HTTP? If yes, what’s the command line?

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on
 
Sort by date Sort by votes
Hi MSWORLD

I think that I get what you mean - I am running some websites on using the IP that I was given from my isp - you will need to define a static map to allow HTTP traffic to your webserver

if you post your config I should be able to help.

Thanks
 
Upvote 0 Downvote
Thanks. Here is the configure. I need open port 80 using x.x.x.38 point to 192.168.0.110.

ASA Version 7.0(5)

!
hostname ciscoasa
domain-name default.domain.invalid
names
dns-guard
!
interface Ethernet0/0
nameif Outside
security-level 0
ip address x.x.x.38 255.255.255.248
!
interface Ethernet0/1
nameif Inside
security-level 100
ip address 192.168.0.250 255.255.255.0
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
no ip address
management-only
!
ftp mode passive
access-list out_to_inside extended permit tcp any host x.x.x.34 eq www
access-list out_to_inside extended permit tcp any host x.x.x.34 eq 8080
access-list out_to_inside extended permit tcp any host x.x.x.34 eq 8383
access-list out_to_inside extended permit tcp any host x.x.x.35 eq www
access-list out_to_inside extended permit tcp any host x.x.x.34 eq smtp
access-list out_to_inside extended permit tcp any host x.x.x.34 eq pop3
access-list out_to_inside extended permit tcp any host x.x.x.34 eq 3389
access-list out_to_inside extended permit tcp any host x.x.x.34 eq 13001
access-list out_to_inside extended permit tcp any host x.x.x.35 eq 13001
access-list out_to_inside extended permit tcp any host x.x.x.35 eq 3389
access-list out_to_inside extended permit tcp any host x.x.x.35 eq pop3
access-list out_to_inside extended permit tcp any host x.x.x.35 eq smtp
access-list out_to_inside extended permit tcp any host x.x.x.35 eq 8383
pager lines 24
logging asdm informational
mtu management 1500
mtu Inside 1500
mtu Outside 1500
asdm image disk0:/asdm505.bin
no asdm history enable
arp timeout 14400
global (Outside) 10 interface
nat (management) 10 0.0.0.0 0.0.0.0
nat (Inside) 10 0.0.0.0 0.0.0.0
static (Inside,Outside) x.x.x.34 192.168.0.213 netmask 255.255.255.255
static (Inside,Outside) x.x.x.35 192.168.0.112 netmask 255.255.255.255
access-group out_to_inside in interface Outside
route Outside 0.0.0.0 0.0.0.0 x.x.x.33 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute


Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on
 
Upvote 0 Downvote
static (inside,outside) tcp x.x.x.38 80 192.168.0.110 80 netmask 255.255.255.255

You'll also need to add this to your ACL.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
1K
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question Question
iptables port forwarding
Replies
0
Views
848
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
1K
Johnkite
Johnkite
ttrsux
  • Locked
  • Question Question
Error opening IKE port 4500 on Interface outside
Replies
0
Views
476
ttrsux
ttrsux
RMurr34
  • Locked
  • Question Question
ASA Config - Open port 3389 for all IPs
Replies
1
Views
422
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top