Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Public Server vs. using NAT for STUN / TURN servers

Status
Not open for further replies.

sidwick30

Technical User
Jun 18, 2014
2
US
I need to setup access to a STUN & TURN server. Due to the number of ports needed and what a stun / turn server does, I’m trying to determine if I should use the Public Server feature in the ASA 5525 ver. 9.1. I have the documentation from cisco of how to setup a public server and one still creates NAT & ACL rules…. So how is that different than just creating the objects for the servers & setting up standard NAT & ACL rules? Looking for references as well that can give different scenarios of when to us a public server.
Thanks
 
I assume you are referring to the 'Public Servers' bit in the ASDM GUI? This is sort of a 'macro' and automates the manual process of creating ACL's and NAT rules so its no different from what you describe. If you do create entries in the public server part of the ASDM GUI rules will still get created in the NAT and Access rules screens.

Andy
 
My advice---I do everything manually, unless I'm the one that created the macro...since I troubleshoot my own networks, I want to know exactly how everything is configured, from A to Z

--Tim

ip access-list extended IP-Options-and-Powerball
deny ip any any winning-powerball-ticket
permit ip any any option any-options
!
class-map ACL-Options-and-Powerball
match access-group name IP-Options-and-Powerball
!
policy-map CoPP-POLICY
class ACL-Options-and-Powerball
drop
!
control-plane
service-policy input CoPP-POLICY
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top