Re: ASDM port forward range

chacegroup · ‎10-20-2010

I'm new to Cisco and I'm having a little trouble trying to figure out how to port forward a range of ports. I have successfully port forwarded 80 and 22 to an internal server but I can't seem to find out where to enter a range. I'm running ASDM 5.2..

We have a Freepbx server and I need to forward from 63.175.158.121 to 192.168.100.121 the follwoing port ranges:

5060~5082

10000~20000

Thanks for any help.

Maykol Rojas · ‎10-20-2010

Hello Anthony,

This is Mike, Unless you are in version 8.3 you will be able to do a port forward with a range of ports. No other version support this.

Mike

deepakitkar · ‎03-15-2011

I have ASA 5505 Version 8.2(1) with ASDM Version 6.2(1).

I was able to forward SIP port 5060 but need to forward RTP ports which has a range of 10000-20000. Is there any way to do this?

csaxena · ‎03-15-2011

Hello Deepak,

As Maykol suggested, this is only possible with ASA 8,3 code. You will have to do static NAT on ASA 8.2 or lower.

Hope this helps. Please reply back if you need any further assistance.

Regards,
Chirag
P.S.: Please mark this thread as answered if you feel your query is answered. Do rate helpful posts.

deepakitkar · ‎03-16-2011

Hi Chirag,

Thanks for the reply.

I dont know how to do it using command line interface. I need to allow incoming and outgoing traffic on these UDP ports 5060(for sip), 5061(for sip) and 10000-20000(for rtp). Do we create just an access list to forward these port or do we have to also create firewall rule? Any idea what these command will be?

Thank you,

Deepak

csaxena · ‎03-17-2011

Hello Deepak,

Here is a sample config. Make service objects and use range rather than eq.

5500-60(config-service-object)# object service range1
5500-60(config-service-object)# service tcp source range 5000 5100

Hope this helps. Please reply back if you need any further assistance.

Regards,
Chirag
P.S.: Please mark this thread as answered if you feel your query is answered. Do rate helpful posts.