Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Can someone please explain me..

Can someone please explain me.. 8 years 7 months ago #25743

  • zomb
  • zomb's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
1) if say i want to put mail and web server (two separate machines) in DMZ, do I need two assigned static IP addresses for them purchased from my ISP (BT UK)?

2) if the answer to Q.1 is yes, then can ASA 5505 handle multiple static IP addresses at all?

thank you
The administrator has disabled public write access.

Re: Can someone please explain me.. 8 years 7 months ago #25746

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
1. The answer is no since it runs on different Ports. You can direct port 25 to one server and port 80 to the other server.

2. Yes and No, you don't actually assign the address to the Interface, the use of the Static command will map it to the external interface. So you could have 2.2.2.2 on your external interface and then within the static command you could reference 2.2.2.3, this address would then apper on the interface.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: Can someone please explain me.. 8 years 7 months ago #25750

  • zomb
  • zomb's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
Hey Wayne,

had to rewrite my question after googling a bit.

sorry if it sounds stupid but how many public static IPs can ASA assign using Static? i take it as many as there are ports, right?
The administrator has disabled public write access.

Re: Can someone please explain me.. 8 years 7 months ago #25752

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
I dont know if there are any limits within the ASA Coding (cisco may only allow so many Static Commands to be configured) but if there are no limits then it would be pretty much as many as you want.

You can add Statics that are not actually part of the external interfaces subnet, providing the internet knows to route the traffic to that subnet.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.
Time to create page: 0.082 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup