
Problem with cisco 5510 port mapping

raidokuvarnet
Level 1

Hello,

My device Cisco ASA 5510, ASA 8.4(2), ASDM 6.4(5)206

What I try to achieve.

1) Host 10.10.11.108 listening port 8080

2) Trying to access it from WAN e.g port 8090

I tried following commands:

object network 10.10.11.108_8080
host 10.10.11.108
nat (LAN1,WAN) static interface service tcp 8080 8090

access-list WAN_access_in line 11 extended permit tcp any object 10.10.11.108_8080 eq 8080
access-group WAN_access_in in interface WAN

But I don't get access. Can someone help me to solve this case?

33 Replies

Hi,

Please use the following command:

object service tcp-8090
service tcp source eq 8090

object service tcp-8080
service tcp destination eq 8080

nat (inside,outside) 1 source static 10.10.11.108_8080 interface service tcp-8080 tcp-8090

Regards,

Aditya

Okay, these commands were successful. Right now I can not access my service by port 8090. Do I need to configure Access Rule also?

Hi,

Use a packet tracer command:

packet-tracer input wan tcp 4.2.2.2 8888 <interface ip> 8090 det 

Regards,

Aditya

Hi,

Please try opening the ACL on the WAN interface for the traffic.

Regards,

Aditya

Not sure which service to add, so added both. Packet tracker results are same.

Actually, Aditya provided wrong object group config for the 8090 group.

object service tcp-8090
service tcp source eq 8090

this should be service "tcp destination eq 8090"

try changing this and then test again.

--

Please remember to select a correct answer and rate helpful posts


Hello,

Deleted all previous and added new with these commands:

object service tcp-8090
service tcp destination eq 8090

object service tcp-8080
service tcp destination eq 8080

Nat (LAN1,WAN) 1 source static 10.10.11.108_8080 interface service tcp-8080 tcp-8090

Packet Tracker results are same:

The NAT now looks to be correct. Could you post a full running config please? Remove any usernames, passwords and public IPs.

--

Please remember to select a correct answer and rate helpful posts 


Here was running conf.

Your access list should have a destination port of 8080 not 8090

access-list WAN_access_in extended permit object tcp-8090 any object 10.10.11.108_8080

--

Please remember to select a correct answer and rate helpful posts


Here was running conf.

try changing the ACL entry to:

access-list WAN_access_in extended permit tcp any object 10.10.11.108_8080 eq 8080

--

Please remember to select a correct answer and rate helpful posts

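
The order of operations behind the ACL advice in this thread, as an added example that is not from any poster or from Cisco: on ASA 8.3 and later the inbound packet is un-translated first, and the interface ACL is then matched against the real address and port. This is a simplified model; the WAN address 203.0.113.10 (a documentation address) and every class and function name are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class StaticPat:
    """Models: nat (LAN1,WAN) static interface service tcp <real_port> <mapped_port>"""
    real_ip: str
    real_port: int
    mapped_ip: str      # address of the WAN interface
    mapped_port: int

@dataclass(frozen=True)
class AclEntry:
    """Models: access-list ... extended permit tcp any host <dst_ip> eq <dst_port>"""
    dst_ip: str
    dst_port: int

WAN_IP = "203.0.113.10"  # constructed sample value, not from the thread
PAT = StaticPat("10.10.11.108", 8080, WAN_IP, 8090)

def inbound_verdict(dst_ip, dst_port, pat, acl):
    """Return (verdict, ip, port) for a TCP packet arriving on the WAN interface."""
    # Step 1: un-NAT. Only the exact mapped address/port pair is translated.
    if (dst_ip, dst_port) == (pat.mapped_ip, pat.mapped_port):
        dst_ip, dst_port = pat.real_ip, pat.real_port
    # Step 2: the interface ACL sees the destination as it is after un-NAT.
    for ace in acl:
        if (ace.dst_ip, ace.dst_port) == (dst_ip, dst_port):
            return ("permit", dst_ip, dst_port)
    return ("deny", dst_ip, dst_port)  # implicit deny at the end of the ACL

def dead_entries(pat, acl):
    """ACL entries that can never match the forwarded flow (wrong IP or port)."""
    return [a for a in acl if (a.dst_ip, a.dst_port) != (pat.real_ip, pat.real_port)]

if __name__ == "__main__":
    real_port_acl = [AclEntry("10.10.11.108", 8080)]    # matches the real port
    mapped_port_acl = [AclEntry("10.10.11.108", 8090)]  # matches the mapped port
    print(inbound_verdict(WAN_IP, 8090, PAT, real_port_acl))
    print(inbound_verdict(WAN_IP, 8090, PAT, mapped_port_acl))
    print(inbound_verdict(WAN_IP, 8080, PAT, real_port_acl))
    print(dead_entries(PAT, real_port_acl + mapped_port_acl))
```

The third call shows that with this mapping only port 8090 on the WAN address reaches the host; a connection to WAN port 8080 is never un-translated and falls through to the implicit deny.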

Hello,

Changed to your recommendations. No change. I have read many forums and threads, but still no help.

Could you run the packet-tracer in CLI and paste the full output here please.

--

Please remember to select a correct answer and rate helpful posts
