Solved: ASA Configuration Question

mingram27 · ‎08-01-2012

This may be an easy one for you guys, I just inherited an ASA from a purchased company. I have to assign a public IP to a host for externam access on a specific port.

Can anyone tell me what the specific syntax would be on a ASA? (Scenario below)

allow 65.x.x.x to host 172.x.x.x on port (non descript) 5711

I would really appreciate anyone's with this. The ASA is a 5520.

Thank you again.

Julio Carvajal · ‎08-01-2012

Hello Matthew,

Witch version are you running, lets say 8.3 or higher:

object network Outside_IP

host 65.2.2.2

object network Inside_IP

host 172.16.2.3

object service 5711

Service tcp source eq 5711

nat (inside,outside) source static Inside_IP Outside_IP service 5711 5711

access-list outside_in permit tcp any host 172.16.2.3 eq 5711

access-group outside_in in interface outside

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

Julio Carvajal · ‎08-01-2012