# CISCO ASA5520 ASA 8.4(3) NAT Help please!!!



## Shrinathv (Mar 14, 2017)

I need to provide access to the LAN running web based application to outside (WAN) . 

I got public IP I need to NAT local IP to Public 

If possible provide me some references or steps to perform . Can all the tasks can be performed with GUI interface OR some IOS commands is required.

security Appliance : CISCO ASA 5520 ASA 8.4(3) ASDM 6.4(7)


----------



## MitchConner (May 8, 2015)

Hi mate.

You'll need to create a network object to apply the NAT configuration:

conf t
object network _*nameoftheobject*_
host _*x.x.x.x*_
nat (_*insideinterface,outsideinterface*_) static interface service tcp _*80 80*_

Then create an access rule to allow the traffic:

conf t
access-list _*outside_access_in*_ permit tcp any object _*nameoftheobject*_ eq _*80*_
access-group _*outside_access_in*_ in interface _*outsideinterface*_

Things you'll need to change in the above commands:

_*nameoftheobject*_ - I would name this the same as your webserver
_*host x.x.x.x*_ - The internal (private) IP address of your host
_*insideinterface,outsideinterface*_ - Insideinterface to whatever interface on your ASA the host is attached to, and outsideinterface the name of your outside (public) interface.
_*80 80*_ - Whatever port you need to forward to your server. The first port 80 defines what port the ASA is 'listening' for, the second is what it forwards to the server. That port will need to match in your access rule.
_*outside_access_in*_ - If you already have an ACL applied to your outside interface, you'll need to match the name to add the rule.


----------

