Cisco ASA: easy connect server with service as static forwarder

Today as I’m currently working wit a Cisco ASA 5510 to create a DMZ. I saw some create options which I didn’t use in the past earlier.
In the Cisco ASDM 6.4 you normally add the external ip address to a service. Until I saw the option under Firewall > Public Servers.

Public servers? Yes this option is useful if you are not sure how to add a server to the ACL with a service. You can do this with a simple instruction.

Click on Public Servers and Click on Add

You will see the window below. You have to add a private IP addres and a services you want to exploit to the Internet. Select also the Public interface with an IP address you can use from external

When you have done this click on add. You get back to the list of Public Servers and you will see that the server you’ve added are listed in the list.

Now you can check also to see if the ACL outside is changed with the correct settings.
The servers will be added to the NAT Rules also. ( Be aware that the server get the full PAT settings if you don’t want that you need to add the specific services for this ip address )

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.