• September 18, 2020, 02:24:02 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Alteon Port Translation / Cisco ASA 5525  (Read 4597 times)

0 Members and 1 Guest are viewing this topic.

Offline habibalby

  • Full Member
  • ***
  • Posts: 51
Alteon Port Translation / Cisco ASA 5525
« on: July 23, 2014, 02:52:40 AM »
Hello,
Will it be possible to translate same ports on public IP address and that would be translated to different internal IP Address using Alteon and Cisco ASA 5525?

Say I have public IP 80.123.123.33 I want to access server1 "192.168.1.20" on port 22 and I want to use same public IP Address to access server2 "192.168.1.21" on port 22.

How this would be possible?

Regards,


Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 961
Re: Alteon Port Translation / Cisco ASA 5525
« Reply #1 on: July 23, 2014, 04:14:11 AM »
Hi habibalby,

You will have to use two public IPs to setup static NATs on the ASA something like this:

object network dmz-webserver
host 192.168.1.20
nat (inside,outside) static 80.123.123.33
access-list outside-in permit tcp any host 192.168.1.20 eq 22

object network dmz-webserver
host 192.168.1.21
nat (inside,outside) static 80.123.123.34
access-list outside-in permit tcp any host 192.168.1.21 eq 22

CheerZ

Offline habibalby

  • Full Member
  • ***
  • Posts: 51
Re: Alteon Port Translation / Cisco ASA 5525
« Reply #2 on: July 23, 2014, 04:34:05 AM »
Hello,

What if I don't want to use two Public Addresses? Is there any way I can achieve this scenario?

Thanks,

Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 961
Re: Alteon Port Translation / Cisco ASA 5525
« Reply #3 on: July 23, 2014, 04:58:54 AM »
Hi habibalby,

The only way that I know how to do something like this is to use a BigIP F5 load-balancer where you would configure a virtual server with two pool members 192.168.1.20/21 and implement an iRule to forward traffic to the relevant pool member but you would need to differentiate between pool members for example using different source IP addresses.  E.g.  Public IP A source address to access pool member 192.168.1.20 and Public IP B source address to access pool member 192.168.1.21?

CheerZ

Offline habibalby

  • Full Member
  • ***
  • Posts: 51
Re: Alteon Port Translation / Cisco ASA 5525
« Reply #4 on: July 23, 2014, 05:01:02 AM »
Thanks for your reply, but this is not what I'm looking.

I will try to do some research on how I can achieve this scenario.

Regards,

Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 961
Re: Alteon Port Translation / Cisco ASA 5525
« Reply #5 on: July 23, 2014, 08:17:05 AM »
Hi habibalby,

If you want to use the same public IP address, you could change the service port of one of your servers to be something other than 22 I.e. 2222.  That might work?

CheerZ