<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Hi Jon,When you say version in Network Security</title>
    <link>https://community.cisco.com/t5/network-security/port-forwarding/m-p/2705832#M190683</link>
    <description>&lt;P&gt;Hi Jon,&lt;/P&gt;&lt;P&gt;When you say version pre-8.3, i am expecting you are mentioning version 8.2(just to say). In that case, this nat would not work as syntax is incorrect.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;As per the description, here is my understanding :&lt;/P&gt;&lt;P&gt;Real Address :&amp;nbsp;10.10.10.104, Real Port 5081&lt;/P&gt;&lt;P&gt;Mapped Address : Outside interface IP address, mapped port 443 or 80&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Suggested configuration:&lt;/P&gt;&lt;P&gt;static (inside,outside) tcp &amp;lt;outside-int-ip&amp;gt; &amp;lt;mapped-port&amp;gt; 10.10.10.104 5581&lt;/P&gt;&lt;P&gt;- In case of https, you might get some error that 443 can not be reserved. This comes when you have enabled 'http server enable'. This default use '443' for asdm traffic. Configure something like 'http server enable 4443'. Then you need to access&amp;nbsp;asdm on port 4443 instead of 443 and this time ASA would take the nat statement.&lt;/P&gt;&lt;P&gt;- You can not redirect 80 and 443 traffic&amp;nbsp;to same IP and Port of&amp;nbsp;inside server through same mapped address.&lt;/P&gt;&lt;P&gt;Access-list looks fine:&lt;/P&gt;&lt;P&gt;access-list Outside_in extended permit tcp any any eq https&lt;/P&gt;&lt;P&gt;do not forget to attach it to interface:&lt;/P&gt;&lt;P&gt;access-group &amp;nbsp;Outside_in in interface outside&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Access below link to understand and configure the same :&lt;/P&gt;&lt;P&gt;http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/nat_staticpat.html#wp1071777&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Let me know if you have any query on this.&lt;/P&gt;&lt;P&gt;Thanks and Regards,&lt;/P&gt;&lt;P&gt;Akshay Rastogi&lt;/P&gt;</description>
    <pubDate>Sat, 13 Jun 2015 17:00:43 GMT</pubDate>
    <dc:creator>Akshay Rastogi</dc:creator>
    <dc:date>2015-06-13T17:00:43Z</dc:date>
    <item>
      <title>Port forwarding</title>
      <link>https://community.cisco.com/t5/network-security/port-forwarding/m-p/2705831#M190682</link>
      <description>&lt;P&gt;I have an easy question for someone. I am used to the pre-8.3 IOS version of nat'ing and am having some trouble on a newer version nat.&lt;/P&gt;&lt;P&gt;What I am wanting to do is port inbound http/https traffic from the outside in and send it to port 5081&amp;nbsp;on the inside address of 10.10.10.104. Can someone give me a hand on getting the ACL and nat statement for this?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;What I have tried is this and it does not work:&lt;/P&gt;&lt;P&gt;&amp;nbsp; access-list Outside_in extended permit tcp any any eq http&lt;/P&gt;&lt;P&gt;&amp;nbsp; access-list Outside_in extended permit tcp any any eq https&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp; nat (inside,outside) static outside 5081 10.10.10.104 5081 eq http&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;nat (inside,outside) static outside 5081 10.10.10.104 5081 eq http&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Any help would be appreciated.&lt;/P&gt;&lt;P&gt;-Jon&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Tue, 12 Mar 2019 06:06:10 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/port-forwarding/m-p/2705831#M190682</guid>
      <dc:creator>JonRM1970</dc:creator>
      <dc:date>2019-03-12T06:06:10Z</dc:date>
    </item>
    <item>
      <title>Hi Jon,When you say version</title>
      <link>https://community.cisco.com/t5/network-security/port-forwarding/m-p/2705832#M190683</link>
      <description>&lt;P&gt;Hi Jon,&lt;/P&gt;&lt;P&gt;When you say version pre-8.3, i am expecting you are mentioning version 8.2(just to say). In that case, this nat would not work as syntax is incorrect.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;As per the description, here is my understanding :&lt;/P&gt;&lt;P&gt;Real Address :&amp;nbsp;10.10.10.104, Real Port 5081&lt;/P&gt;&lt;P&gt;Mapped Address : Outside interface IP address, mapped port 443 or 80&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Suggested configuration:&lt;/P&gt;&lt;P&gt;static (inside,outside) tcp &amp;lt;outside-int-ip&amp;gt; &amp;lt;mapped-port&amp;gt; 10.10.10.104 5581&lt;/P&gt;&lt;P&gt;- In case of https, you might get some error that 443 can not be reserved. This comes when you have enabled 'http server enable'. This default use '443' for asdm traffic. Configure something like 'http server enable 4443'. Then you need to access&amp;nbsp;asdm on port 4443 instead of 443 and this time ASA would take the nat statement.&lt;/P&gt;&lt;P&gt;- You can not redirect 80 and 443 traffic&amp;nbsp;to same IP and Port of&amp;nbsp;inside server through same mapped address.&lt;/P&gt;&lt;P&gt;Access-list looks fine:&lt;/P&gt;&lt;P&gt;access-list Outside_in extended permit tcp any any eq https&lt;/P&gt;&lt;P&gt;do not forget to attach it to interface:&lt;/P&gt;&lt;P&gt;access-group &amp;nbsp;Outside_in in interface outside&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Access below link to understand and configure the same :&lt;/P&gt;&lt;P&gt;http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/nat_staticpat.html#wp1071777&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Let me know if you have any query on this.&lt;/P&gt;&lt;P&gt;Thanks and Regards,&lt;/P&gt;&lt;P&gt;Akshay Rastogi&lt;/P&gt;</description>
      <pubDate>Sat, 13 Jun 2015 17:00:43 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/port-forwarding/m-p/2705832#M190683</guid>
      <dc:creator>Akshay Rastogi</dc:creator>
      <dc:date>2015-06-13T17:00:43Z</dc:date>
    </item>
  </channel>
</rss>

