Need Help on one Firewall Question

Hi All,
I am using cisco asa in my environment and which is connected to l2. One server and one router is also connected to L2. Now i want to access port 80 on my server from outside.
How its possible if the server gateway is routers ip and i don't want to add static route in router or server towards the firewall. Nat and access List is done on firewall. what else i can do on firewall to access port 80 of my server from outside. Dont want to change anything on router/server.
Below is the IP detail
1. Firewall inside 192.168.1.1 & Outside 1.1.1.1
2. Router IP - 192.168.1.2
3. Server IP - 192.168.1.3 & GW - 192.168.1.2

Hi,
Well the only ways I could think that the connections could be gotten working would be
Policy Based Routing on the Router that would forward the web servers traffic through the firewall instead of the routers default gateway (even just the return traffic for web connections)
Configuring NAT on the ASA firewall so that all traffic from the Internet would be NATed to an internal IP address from the network 192.168.1.0/24. This would mean that the server would be sending the traffic to ASA instead of using its default gateway. And this is ofcourse because the server would be seeing all connections coming from its connected network and wouldnt have to use the default gateway.
You havent mentioned what type of NAT you are doing on the ASA for the server Static PAT or Static NAT. Static PAT would be forwarding a single (or several ports) only while Static NAT would be dedicating a single public IP address for the server.
I would imagine that you would have to configure 2 separate NAT statements
Dynamic Policy PAT for the External hosts
This should NAT all traffic coming from the Internet to the IP address of your ASAs "inside" interface WHEN the destination is the public IP address of your Web server.
access-list POLICY-NAT-WEBSERVER remark NAT inbound web traffic to an internal IP address
access-list POLICY-NAT-WEBSERVER permit tcp any host 1.1.1.1 eq 80
nat (outside) 100 access-list POLICY-NAT-WEBSERVER
global (inside) 100 interface
Static NAT or Static PAT for Web server
Either of these NAT configurations should forward the connections to your Web servers public IP address on port TCP/80 to the Web server.
Together with the above NAT configuration the return traffic from the Web server should flow back through the ASA.
static (inside,outside) 1.1.1.1 192.168.1.3 netmask 255.255.255.255
or
static (inside,outside) tcp 1.1.1.1 80 192.168.1.3 80 netmask 255.255.255.255
If you are using the public IP address on the ASA "outside" interface then replace the 1.1.1.1 with "interface". The IP address 1.1.1.1 stands for a public IP address that you might use.
Hope this helps
Please do remember to mark a reply as the correct answer if it answered your question.
Feel free to ask more if needed
- Jouni

Similar Messages

  • I need help resetting my security questions, i try to and it says email sent but i never get the email to my main email or alternate email, i never set my questions but somehow there set

    I need help resetting my security questions, i try to and it says email sent but i never get the email to my main email or alternate email, i never set my questions but somehow there set, so i can also not buy apps without entering my question awnsers please help

    Forgotten Security Questions/Answers
    You need to contact Apple by:
    1 - Use the Express lane and start here:
    https://expresslane.apple.com
    then click More Products and Services>Apple ID>Other Apple ID Topics>Forgotten Apple ID security questions.
    or
    Apple - Support -form iTunes Store - Contact Us
    2 - Call Apple in your country by getting the number from here:
    http://support.apple.com/kb/HE57
    or           
    Apple ID: Contacting Apple for help with Apple ID account security
    3 - Use your rescue email address if you set one up
    Rescue email address and how to reset Apple ID security questions
    For general  information see:
    Apple ID: All about Apple ID security questions

  • HT5699 The country I am living in is not on the Apple Contact Support list and I need help with my security questions.

    I am currently living in Tunisia but it's not on the Apple Contact Support list. I need help with my security questions which I cannot remember the answers. There is no link to send a reset email. What do I do?

    Click here and ask the iTunes Store staff for assistance.
    (114040)

  • HT5312 i need help with the security questions is there some way to get you to remind me what they were from e-mail or other wise

    I need help with the security Questions is there some way to get you to remember them by e-mail of other wise

    Read the HT5312 page that you posted from, it has instructions for how to reset them i.e. if you have a rescue email address set up on your account then steps 1 to 5 half-way down that page should give you a reset link.
    If you don't have a rescue email address then you will need to contact iTunes Support / Apple in your country to get the questions reset.
    Contacting Apple about account security : http://support.apple.com/kb/HT5699
    When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down the HT5312 page that you posted from to add a rescue email address for potential future use

  • Need help!! HDV question

    Hey guys..
    I shot a project in HDV 108060i 16:9 project
    brought the footage into FCPro natively..
    when its time to export my project can i give them a downconverted dv 4:3 copy with sides cropped?? and a hdv 16:9 copy?
    the only reason i want to do that is to make myself look better as i am a youngster trying to impress many people as i can.

    you should ask them what they want but you should test both procedures beforehand so you're not scrambling to figure it out before a deadline, as many folks come shouting here do and here's an example post - severe sarcasm to follow - "OMG, I NEED HELP ASAP AS I'M ON A DEADLINE AND I HAVE TO EXPORT THESE FILES AND I CAN'T EVEN TURN MY COMPUTER ON AND MY CLIENTS WILL BE HERE TOOT-SWEET SO HELP ME NOW!!!! I JUST KNOW NO ONE ELSE HAS EVER FACED THIS PROBLEM BEFORE!"
    if you want to impress someone, don't ever assume anything or leave anything to chance. above all, always be on time or early and never assume your clients don't care or don't know.

  • I need help reseting y secerty questions

    i need help reseting my secerty questions

    1)  Apple ID: All about Apple ID security questions
    If necessary
    2)  See Here... ask to speak with the Account Security Team...
    Apple ID: Contacting Apple for help with Apple ID account security
    3)  Or Email Here  >  Apple  Support  iTunes Store  Contact

  • HT1918 i need help answering my security questions

    I need help answering my security questions

    Welcome to the Apple Community.
    Start here, and reset your security questions, you will receive an email to your rescue address, use the link in the email and reset your security questions.
    If that doesn't help or you don't have a rescue address, you might try contacting Apple through iTunes Store Support

  • HT201303 I need help on my security questions. I have reset my password and added an email to verify my identity, but I can not remember my security questions.

    How can I reset my security questions?

    Hello Cutty35loca,
    Try answering them at least once to see if you can get them right, even if you are not sure you remember the answers to your security questions.
    If you are confident you can't remember them, try one of the following:
    If you have three security questions and a rescue email address
    sign in to My Apple ID and select the Password and Security tab to send an email to your rescue email address to reset your security questions and answers. 
    If you have one security question and you know your Apple ID password sign in to My Apple ID and select the Password and Security tab to reset your security question.
    If you have one security question, but don't remember your Apple ID password
    contact Apple Support for assistance. Learn more about creating a temporary support PIN to help Apple confirm your identity when you contact Apple Support.
    Note: If you have forgotten your password and answer your security questions incorrectly too many times in a row, you will be unable to try to answer your security questions for a period of time. During that time you will not be able to reset your password and will not have access to your account.
    Also find the below link :
    http://support.apple.com/kb/ht5312
    Hope this helps you

  • Thx for the help today - one more question

    Thx for all the help today. My flash works perfect now. One
    more question... I get a frame around my flash when using internet
    explorer and have the mouse over it... why?
    check it out:
    http://www.ardent.se

    search google and this forum for "active content" - been
    front page news for weeks - hundreds of
    discussions, blogs, articles all over the web.
    --> Adobe Certified Expert (ACE)
    --> www.mudbubble.com :: www.keyframer.com
    -->
    http://flashmx2004.com/forums/index.php?
    -->
    http://www.macromedia.com/devnet/flash/articles/animation_guide.html
    -->
    http://groups.google.com/advanced_group_search?q=group:*flash*&hl=en&lr=&ie=UTF-8&oe=UTF-8
    cjh81 wrote:
    > Thx for all the help today. My flash works perfect now.
    One more question... I
    > get a frame around my flash when using internet explorer
    and have the mouse
    > over it... why?
    >
    > check it out:
    http://www.ardent.se
    >

  • I have successfully downloaded Photoshop Elements but did not get an e-mail and do not have a registration # and need help getting one/

    I have successfully downloaded Photoshop Elements 13.  I did not receive an e-mail with the registration number but did get verification of email address.  I have been through all the help sights and only reach dead ends.  Help!

    Photoshop Elements is not part of the Cloud, I will move this to that forum
    Photoshop Elements Forum http://forums.adobe.com/community/photoshop_elements
    Select a topic, then click I STILL NEED HELP to activate Photoshop Elements Online chat
    -http://helpx.adobe.com/contact.html?product=photoshop-elements or
    http://helpx.adobe.com/photoshop-elements/kb/troubleshoot-installation-photoshop-elements- premiere.html

  • I need help changing my security questions and dont know the answers to the ones i already have set

    i made my account like 4 years ago and have tried every possible answer to my questions i can think of but everytime it says one or both of them is wrong.  i tried changing them but there isnt a button that i can click to change them as far as i have seen it just keeps asking me to answer them.  i need to change them so i can buy songs on my new laptop please help.

    You need to ask Apple to reset your security questions; ways of contacting them include clicking here and picking a method for your country, phoning AppleCare and asking for the Account Security team, and filling out and submitting this form.
    They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
    (103373)

  • Help needed please (Port forwarding/Firewall Question)

    So im hooked up thru my router so if I want to play a game I have to port forward so im told.
    Ok, I im at my port forwarding menu and its asking for the following info...some of this info I know and some I have no idea what it means or where I can get it from. Heres the parts im asked to enter that I have no idea what to enter......
    Source IP Address:
    Destination IP Address
    Source Netmask:
    Destination Port Map
    Where do I find out these things!?...Im a COMPLETE novice when it comes to routers and im so confused.

    Hello,
    Unfortunately, that information is going to have to come from the people who are providing you the online game.
    The settings you need are going to depend on what their program requires, and how they communicate with your computer.
    All of this is different for each service you are trying to use.
    Here are some articles to get you familiarized with the concept though:
    http://en.wikipedia.org/wiki/Port_forwarding
    http://forums.furthurnet.org/viewtopic.php?p=3821
    http://www.boutell.com/newfaq/creating/forwardports.html
    http://panasonic.co.jp/pcc/products/en/netwkcam/technic/port_fwrd.html
    http://p2p.weblogsinc.com/2005/04/24/how-to-configure-your-router-to-allow-fast- bittorrent-downloads/
    While they all discuss doing it with different routers, the principals and ideas are the same.
    But, the actual configuration is going to depend on the specific needs of the service you are trying to use (the particular online game).
    I hope this helps.

  • Need Help using One-Key to make a system back up to DVDs

    I bought U330 in Sept and now that I have some of my own programs installed and running, I want to make a backup to D (I think?) and also make backups to DVDs so I could make backups. 
    I'm no novice, but I cannot figure out the instructions for this. 
    When I pick  Backup, even at Max compression, it says I don't have enough space.   I don't have THAT much on D:---did I need to repartition this before I even started using this computer?  Does this mean I can never use One-Key? 
    When I pick Create Recover Disc (to make DVD backups), what do I do next? 
        The dropdown for "Select Source From" has only two options, I am guessing I have to pick "Select another image", but then I don't know what to pick for the Image path.    How do I pick the whole C drive ???   Or??   
    Please tell me exactly how to do this because I am finding LENOVO's instructions totally inadequate.     
    A couple times I got to the DVD burner--not sure how--but then it just wanted to burn the sample music files.    I'm feeling quite frustrated--this should not be this difficult!!

    I thought you've got error of another type - that error is fixed by simple software update.
    Regarding your case - it's always frightening in first time. Believe me - there's completely nothing to be afraid of.
    Resizing C drive may result killing your DATA on it only in case of energy is down during the process. Process is taking about 15-20 minutes on slow programs and about 3-4 minutes on fast programs. That means that even having problems with electricity you'll be able to finish everything correctly running on battery.
    I'd recommend using Acronis Disk director Suite, but it is not free. One of the best free progs for that are bootable Linux livecds PartedMagic and GParted. They're all intuitive understandable. 
    You will get your NOVO recovery feature lost after C resize, but you can enable it later, replacing that factory backup in hidden partition with your own backup - your NOVO button will restore your system with all your software and settings.
    it will be good for you to start with some basic principles on partitions organization schemes - why, what for and how questions are briefly explained here. After reading this you'll be able to ask right questions to get right answers.
    //help will save the world

  • I need help with one chapter of the Logic training series book...

    I've been studying from the Apple Pro training series manual - Logic pro 9, Professional Audio Production. I'm keen to sit the exam asap, and move onto the next book in the series, but may need a little coaching on one chapter - namely Appendix A, 'Using External MIDI devices.' I've never used Logic in this way, and only have one MIDI piano to work with at home. Therefore recreating what is required in the chapter, and getting my head around the material is proving difficult. Therefore I have two questions - 1) Will this section be tested in the exam?  And if so, 2) Is there anyone in the Berkshire / Surrey / West London area who could help me with a quick lesson? (I'd be prepared to pay, obviously) I've been using Logic for a number of years, so would prefer not to have to spend serious money on a full blown course.
    I'm keen to sit the exam over half term if possibe - w/c 4th June 2012.
    Thanks for your help.
    Arron

    Hi
    Appendix A covers setting up Audio MIDI Setup for a "real" external Synth, and then getting Logic to create a track to send MIDi out to that Synth. Finally, you set up the Program names.
    You should be able to go through the first part (and do it) providing you have some kind of MIDI Interface showing up in AMS. Create a "dummy" MIDI 'Synth' and cable it up.
    Once done, this 'dummy' synth will appear in Logic's Library for External Instrument tracks. Without an real synth you will not be able to hear any results.
    You could run through the process for setting up the program names, but without something actually attached, you will not be able to hear/see the changes.
    You could run in 32bit mode and use the "Software" quicktime synth, or maybe sort something using an IAC bus, but frankly, that's more likely to confuse the **** out of you at this stage.
    HTH
    CCT

  • I need help with my sercuity questions. I for got what they was. Can you help me?

    Can someone help me figured out what my sercuity question is?

    If you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then go to https://appleid.apple.com/ and click 'Manage your Apple ID' on the right-hand side of that page and log into your account. Then click on 'Password and Security' on the left-hand side of that page and on the right-hand side you should see an option to send security question reset info to your rescue email address.
    If you don't have a rescue email address (you won't be able to add one until you can answer 2 of your questions) then you won't get the reset option - you will need to contact iTunes Support / Apple to get the questions reset.
    Contacting Apple about account security : http://support.apple.com/kb/HT5699
    When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down this page to add a rescue email address for potential future use : http://support.apple.com/kb/HT5312

Maybe you are looking for

  • Unsuitable driver ************ PLEASE PROVIDE ANSWER ******

    Searching these threads shows at least 10 messages posted relating to the 'unsuitable driver' message that appears when accessing data on Internet Explorer. Yet there has been no answer to any of the messages. to reiterate the problem When Using a jd

  • Linkbucks on Twitter on iPhone

    The last two days, any link I click on my Twitter feed on my iPhone5 leads to the annoying linkbucks.com. It does not happen in any other app or on my Macbook Pro. How do I remove this? I use wi-fi to connect. If I use mobile internet, links work fin

  • Is there a way to combine accounts and music libraries?

    My wife and I got married last year and she has and itunes account and I have one. Is there a way to deactivate her account so that I can take all her music and put it on my computer so that we have one itunes account and library to sync both our ipo

  • Can a calendar from iphoto be printed anywhere?

    Can a calendar from iphoto be printed in another region than where the account is set up? I am in Switzerland and would like to get my calendar to the States for Christmas. There must be a way to print it in the States and have it delivered directly.

  • Sqlldr WHEN clause with function call ?

    I have a requirement to load data from a file with each row being checked for good data. But that check is wrapped inside a function, as it is somewhat complex. So I woul like to load the data with a WHEN clause like this WHEN ( "CHECK_IF_GOOD(:field