[c-nsp] ASA Static Translations / DNS Doctoring
Luan Nguyen
luan at netcraftsmen.net
Fri Jul 17 13:49:55 EDT 2009
Static mapping means one to one. You could do port mapping.
I have an internal web server that need to be accessible from the public
internet so I would do *static (inside,outside) 208.x.x.25 192.168.100.10
netmask 255.255.255.255 dns*.
What do you need to do?
Regards,
-------------------------------
Luan Nguyen
Chesapeake NetCraftsmen, LLC.
http://www.netcraftsmen.net
-----------------------------
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Clue Store
Sent: Friday, July 17, 2009 12:47 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] ASA Static Translations / DNS Doctoring
Hi All,
I'm trying to do DNS doctoring on an asa and for specific reasons I need to
map several different (public) outside IP's the one inside ip as shown
below.
*static (inside,outside) 208.x.x.25 192.168.100.10 netmask 255.255.255.255
dns*
*static (inside,outside) 208.x.x.26 192.168.100.10 netmask 255.255.255.255
dns*
**
However, upon entering the second rule, the asa says "ERROR: duplicate of
existing static". I realize this is for a one to one translation. As I am
not an expert with the ASA, does anyone know how I can accomplish this in a
different manor??
My only other option is to point all of my domains to the same (public)
outside IP, but this is my LAST option as it breaks alot more things that
would take alot more time to fix. Any help is appeciated.
Thanks,
Clue
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list