https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399629#M954459 <P>Hi Daniele,</P> <P>&nbsp;</P> <P>Most of these commands are not support on the asa version I am running unfortunately.</P> Thu, 14 Jun 2018 16:52:14 GMT Redrobin 2018-06-14T16:52:14Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399365#M954449 <P>Hi Support,</P> <P>&nbsp;</P> <P>I am having problems applying a PAT rule on a ASA 5520 8.2 ASDM 6.1 ( I am aware it needs upgrading).</P> <P>&nbsp;</P> <P>I am basically trying to translate outside connections into a web server using 4443 to redirect to 443&nbsp; to server 192.168.1.1 (Staff-Argon).</P> <P>&nbsp;</P> <P>Below is what I have setup;</P> <P>&nbsp;</P> <P>static (3-Staff,0-outside) tcp interface 4443 Staff-Argon https netmask 255.255.255.255</P> <P>access-list 0-outside_access_in extended permit tcp any host Staff-Argon eq https</P> <P>&nbsp;</P> <P>On a packet trace it failed at NAT and telnet test faills to the external facing IP address on port 4443.</P> <P>&nbsp;</P> <P>Got a bit stuck now and I am going in circles so any assistance is greatly appreciated.</P> <P>&nbsp;</P> <P>Many thanks,</P> <P>&nbsp;</P> <P>David</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 21 Feb 2020 15:52:52 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399365#M954449 Redrobin 2020-02-21T15:52:52Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399367#M954452 <P>Try this:</P> <P>&nbsp;conf t</P> <P>&nbsp;object network&nbsp;<SPAN>Staff-Argon</SPAN></P> <P>&nbsp; host&nbsp;<SPAN>192.168.1.1&nbsp; &nbsp;(must be the private ip of your server)</SPAN></P> <P><SPAN>&nbsp; nat (3-Staff,0-outside) static interface service tcp 443 4443</SPAN></P> <P>&nbsp;</P> <P><SPAN>access-list 0-outside_access_in extended permit tcp any host 192.168.1.1 eq https</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> <P><SPAN>Shoud work.</SPAN></P> <P><SPAN>Regards.</SPAN></P> <P>&nbsp;</P> Thu, 14 Jun 2018 10:15:24 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399367#M954452 Daniele Giordano 2018-06-14T10:15:24Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399484#M954455 <P>open the outside if. up for 4443 instead of 443</P> Thu, 14 Jun 2018 14:08:51 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399484#M954455 Dennis Mink 2018-06-14T14:08:51Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399629#M954459 <P>Hi Daniele,</P> <P>&nbsp;</P> <P>Most of these commands are not support on the asa version I am running unfortunately.</P> Thu, 14 Jun 2018 16:52:14 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399629#M954459 Redrobin 2018-06-14T16:52:14Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399631#M954461 <P>Hi Dennis,</P> <P>&nbsp;</P> <P>Did you mean in the PAT rule or the ACL?</P> <P>&nbsp;</P> <P>Thanks,</P> <P>&nbsp;</P> <P>David</P> Thu, 14 Jun 2018 16:55:30 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399631#M954461 Redrobin 2018-06-14T16:55:30Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399655#M954465 <P>add show version please</P> Thu, 14 Jun 2018 17:21:00 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399655#M954465 Daniele Giordano 2018-06-14T17:21:00Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399751#M954468 Hi David,<BR /><BR />Your original config is correct but the ACL: prior to 8.3 on the outside (in direction ACL) you need to allow access on 4443 on the public IP of the outside interface rather than the private IP:443. Thu, 14 Jun 2018 19:40:44 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3399751#M954468 Florin Barhala 2018-06-14T19:40:44Z https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3401045#M954472 <P>Thanks Florin, this worked perfectly your a life saver.</P> <P>&nbsp;</P> <P>Thanks to everyone else also for your comments.</P> Mon, 18 Jun 2018 11:08:07 GMT https://community.cisco.com/t5/network-security/cisco-asa-5520-pat-rule-not-working/m-p/3401045#M954472 Redrobin 2018-06-18T11:08:07Z