ASA5505 ASDM NAT with port forwarding question.

Started by KDog, May 20, 2016, 12:42:19 AM

routerdork

Try this out. If I read what you wanted correctly, this is how to port forward on an ASA. You would also need to allow the traffic through your interface ACLs. You'll want to check the port on the ACL; I believe it is the port number before mapping, but I could be wrong. We don't change ports on our forwards, so I'm not 100% sure on that piece; it comes down to order of operations. I would think that the ACL comes before NAT.

object network Internal_Server
 host 192.168.0.20
!
object-group network Ext_Port_Fwd_Address
 network-object host 172.16.0.30
!
object-group network Cloud_Server
 network-object host 10.10.10.10
!
object network Internal_Server
 nat (inside,outside) static Ext_Port_Fwd_Address service tcp 8443 443
!
access-list acl_inbound extended permit tcp object-group Cloud_Server object Internal_Server eq 443
!
access-group acl_inbound in interface outside
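
A check for the ACL port question the post leaves open, added here as an example (not code from the thread). It assumes ASA 8.3 or later, which the object NAT syntax above implies: there the interface ACL is matched against the real (untranslated) address and port, and `service tcp` takes the real port first, then the mapped port. The `parse_forwards` and `audit` names are hypothetical, the sample is the post's configuration, and only numeric `eq` ports on `object` destinations are handled.

```python
import re

# Constructed sample: the configuration from the post above.
SAMPLE = """\
object network Internal_Server
 host 192.168.0.20
object-group network Ext_Port_Fwd_Address
 network-object host 172.16.0.30
object-group network Cloud_Server
 network-object host 10.10.10.10
object network Internal_Server
 nat (inside,outside) static Ext_Port_Fwd_Address service tcp 8443 443
access-list acl_inbound extended permit tcp object-group Cloud_Server object Internal_Server eq 443
access-group acl_inbound in interface outside
"""

NAT_RE = re.compile(r"nat \(\S+\) static \S+ service (tcp|udp) (\d+) (\d+)$")
ACL_RE = re.compile(r"access-list (\S+) extended permit (tcp|udp) .*? object (\S+) eq (\d+)$")

def parse_forwards(config):
    """Map object name -> (proto, real_port, mapped_port) for static port forwards."""
    forwards, current = {}, None
    for line in map(str.strip, config.splitlines()):
        m = re.match(r"object network (\S+)$", line)
        if m:
            current = m.group(1)
        elif line.startswith(("object-group ", "access-list ", "access-group ")):
            current = None  # left the object's sub-mode
        elif current and (m := NAT_RE.match(line)):
            forwards[current] = (m.group(1), int(m.group(2)), int(m.group(3)))
    return forwards

def audit(config):
    """Flag permit rules whose destination port is not the forward's real port."""
    forwards, findings = parse_forwards(config), []
    for line in map(str.strip, config.splitlines()):
        m = ACL_RE.match(line)
        if not m or m.group(3) not in forwards:
            continue
        acl, proto, obj, port = m.group(1), m.group(2), m.group(3), int(m.group(4))
        f_proto, real, mapped = forwards[obj]
        if proto == f_proto and port != real:
            kind = "the mapped port" if port == mapped else "neither NAT port"
            findings.append(f"{acl}: permits {proto}/{port} to {obj} ({kind}); real port is {real}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On the device, `packet-tracer input outside tcp 10.10.10.10 1025 172.16.0.30 443` (source port 1025 is a constructed value) shows the UN-NAT and ACCESS-LIST phases in the order the ASA applies them.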