• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Port forwarding on an asa v8

RadiclDreamer

RadiclDreamer

Diamond Member
I have an ASA and would like to start learning stuff about it. First of all I'd like to learn how to forward a port, so for example I have an interface called inside, outside, and DMZ and I want to forward traffic from outside to inside on the host 192.168.1.6

So for example as a test I would like to be able to setup a web server on my machine and from an outside machine say xxx.xxx.xxx.xxx/index.html and have the ASA send that traffic to the address specified.

I know this sounds basic, but cisco has a way of making things more difficult than they are. Bonus points if you can explain the commands and why they are done the way they are.

Thanks!
 
product documentation is a good place to start, Configuration Guide and Command Reference

to create a static translation, use:

static (real_ifc,mapped_ifc) {mapped_ip | interface} {real_ip [netmask mask] | access-list access_list_name} [dns] [[tcp] max_conns [emb_lim]] [udp udp_max_conns] [norandomseq [nailed]]

for example, to translate 9.9.9.9 on the outside to 192.168.1.6 on the inside, use:

static (inside,outside) 9.9.9.9 192.168.1.6 netmask 255.255.255.255

additionally, you will need to an access-list to permit the traffic since you're going from a low security interface to a high security interface:

access-list FROM-OUTSIDE extended permit tcp any host 9.9.9.9 eq 80
access-group FROM-OUTSIDE in interface outside
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top