Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > help w/ 5510 config

Reply
Thread Tools

help w/ 5510 config

 
 
Jake
Guest
Posts: n/a
 
      01-30-2008
I've got a 5510 and I'm having a problem trying to get internet access
from my development boxes and was hoping someone could take a look at
what I have wrong here.

I'm trying to forward www, https, and 3690 from the outside - PAT to my
dmz, ssh to my cluster from the outside, and get internet access from
within development network.

Any help much appreciated.

---

name 192.168.3.0 DEV_NET
name 192.168.4.0 DMZ_NET
name 192.168.2.0 CLUSTER_NET
name 199.199.xxx.14 MY_WAN_IP


interface Ethernet0/0
nameif outside
security-level 0
ip address MY_WAN_IP 255.255.255.0
!
interface Ethernet0/1
nameif dmz
security-level 20
ip address 192.168.4.1 255.255.255.0
!
interface Ethernet0/2
nameif cluster
security-level 60
ip address 192.168.2.1 255.255.255.0
!
interface Ethernet0/3
nameif development
security-level 80
ip address 192.168.3.1 255.255.255.0
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!


object-group service DMZ_SERVICES tcp
port-object eq www
port-object eq https
port-object eq 3690
object-group service ALL_SERVICES tcp
port-object eq www
port-object eq https
port-object eq 3690
port-object eq ssh
access-list DEV_ACCESS extended permit ip any any
access-list SSH_ACCESS extended permit tcp any any eq ssh
access-list ALL_ACCESS extended permit tcp any any object-group ALL_SERVICES
access-list DMZ_ACCESS extended permit tcp any interface dmz
object-group DMZ_SERVICES

nat-control
global (outside) 1 interface
nat (dmz) 1 DMZ_NET 255.255.255.0
nat (cluster) 1 CLUSTER_NET 255.255.255.0
nat (development) 1 DEV_NET 255.255.255.0
static (cluster,outside) tcp interface ssh 192.168.2.10 ssh netmask
255.255.255.255
static (dmz,outside) tcp interface www 192.168.4.10 www netmask 255.255.255.255
static (dmz,outside) tcp interface https 192.168.4.10 https netmask
255.255.255.255
static (dmz,outside) tcp interface 3690 192.168.4.10 3690 netmask
255.255.255.255
static (management,development) MGMT_NET MGMT_NET netmask 255.255.255.0
static (management,cluster) MGMT_NET MGMT_NET netmask 255.255.255.0
static (management,dmz) MGMT_NET MGMT_NET netmask 255.255.255.0
static (development,cluster) DEV_NET DEV_NET netmask 255.255.255.0
static (development,dmz) DEV_NET DEV_NET netmask 255.255.255.0
static (cluster,development) CLUSTER_NET CLUSTER_NET netmask 255.255.255.0
static (development,outside) DEV_NET DEV_NET netmask 255.255.255.0
access-group DMZ_ACCESS in interface dmz
access-group SSH_ACCESS in interface cluster
access-group ALL_ACCESS in interface outside
access-group DEV_ACCESS out interface development
route outside 0.0.0.0 0.0.0.0 199.199.xxx.1 1


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASA 5510 config issue Lirria Cisco 0 04-14-2009 10:08 PM
cisco asa 5510 intervlan config sapmohan Cisco 0 03-21-2008 04:40 PM
dll config and web.config and Label Expressions (binding label text to dll config settings) CSharpner ASP .Net 0 04-09-2007 09:00 PM
Cisco 871 + ASA 5510 Quality of Service Config michikrall@hotmail.com Cisco 3 04-14-2006 02:24 PM
Active/standby config for ASA 5510 Erich Reimberg N. Cisco 0 07-01-2005 01:57 PM



Advertisments