It's free to register, to post a question or to start / join a discussion
Port forwarding on Cisco ASA
Likes # 0
Posted March 16, 2011 at 4:56PM
Hi all, we have an ASA 5505 and I need to set up port forwarding for an unusual
port number which will be used for FTP on an IIS server.
It's a bit complex as there are 3 VLANs: these are called ISP, Server and LAN-
side VPN. We need to add a TCP port 8521 forward from the server's IP in Server
WAN to ISP WAN VLAN with public IP address.
As far as I'm aware, normally for simple port forwarding on a 5505 I can do the
object network FTP_Server
host [IP address of the destination server]
nat (inside,outside) static interface service tcp 8521 8521
access-list inbound permit tcp any object FTP_Server eq 8521
access-group inbound in interface outside
However, will this work given that we want to forward the port from the IP
address of the server in the Server WAN VLAN, to a public IP address in the ISP
Also when I try to add a new host IP address for port forwarding on a Cisco ASA
object network FTPServer
(Then I try doing this)
But it says the syntax is wrong? I don't understand as I should be able to add
the IP address for the new object?
Also I notice at the command prompt I have asa (config-network) as the prompt
text, whereas I should have asa (config-network-object) - anyone know why this
Please let me know?
Reply to this topic
This thread has been locked.