Hi, I have corrected the config statements:
access-list outside_access_in extended permit tcp any host 192.168.1.10 eq 25
Needs to be changed to:
access-list outside_access_in extended permit tcp any host xx.xx.xx.211 eq 25
Then have this:
static (inside,outside) xx.xx.xx.211 192.168.1.10 netmask 255.255.255.240
The nat statements should just be this:
global (outside) 1 interface nat (inside) 1 0 0
The only thing I need to test is whether I need to have static statements to allow me to have NAT translations both ways - currently this is from the outside to inside, but I may need additional translations from the inside to the outside also. Thanks. Andrew. -----Original Message----- From: Sean Murphy [mailto:mhysnm1964@gmail.com] Sent: 03 July 2008 12:55 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Question for you Cisco ASA/router experts outthere Andrew, I assume the external /30 public subnet has been assigned from your ISP. The other /30 Public Address you own? If this is the case, then you can ask the ISP to route the current internal /30 Public subnet to your External public address. This has to be done and could cost. Configure the internal interface for the LAN as you want it. The WAN (External) Interface should be configured for the current External Public IP Address. Cisco can have a secondary and third address. I need to verify this, but I don't think you would be required to configure this. You should have a static route which sends all traffic out your WAN port. So the correct route path is maintained. Natting under Cisco isn't something I have done yet. Sean _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/mailman/listinfo/blind-sysadmins -- allpay.net Limited, Fortis et Fides, Whitestone Business Park, Whitestone, Hereford, HR1 3SE. Registered in England No. 02933191. UK VAT Reg. No. 666 9148 88. Telephone: 0870 243 3434, Fax: 0870 243 6041. Website: www.allpay.net Email: enquiries@allpay.net This email, and any files transmitted with it, is confidential and intended solely for the use of the individual or entity to whom it is addressed. If you have received this email in error please notify the allpay.net Information Security Manager at the number above.