06-28-2019 02:43 AM
Hello,
I have problem open port 80 on ASA firewall 5506 (routed mode). There are two WAN interfaces (VLAN192 for backup). Configuration as below:
object network Web-server-http
host 192.168.1.100
object network Web-server-http
nat (inside,outside) static interface service tcp www www
object network web-server-VLAN192
nat (inside,VLAN192) static interface service tcp www www
access-list outside_access_in_1 extended permit tcp any object Web-server-http eq www
access-list VLAN192_access_in extended permit tcp any object Web-server-http eq www
access-group outside_access_in_1 in interface outside
access-group VLAN192_access_in in interface VLAN192
When I scan the public IP for open ports - port 80 status result -Filtered. What I am missing?
I have followed the below guide:
https://www.petenetlive.com/KB/Article/0000077
Thank you in advanced,
Denisa
Solved! Go to Solution.
06-29-2019 01:01 AM
Hi Balaji,
Thank you for your reply.
The guide you suggested did not work. It was the same with the guide I first followed.
In the attached file I have described the solution.
1. Create Access-List. Destination-Private IP of the Server. Service port http
2. Create NAT Rule: Add NAT Rule before: “Network Object” NAT Rules
3. Service Port must be created – Source Port
Kind Regards,
Denisa
06-28-2019 02:32 PM
Some time Scanning will detect ASA side as Attack, depends on how you scan.
how about you try telnet public-ip 80 (are you able to connect ?)
here is the clear setup guide
06-29-2019 01:01 AM
Hi Balaji,
Thank you for your reply.
The guide you suggested did not work. It was the same with the guide I first followed.
In the attached file I have described the solution.
1. Create Access-List. Destination-Private IP of the Server. Service port http
2. Create NAT Rule: Add NAT Rule before: “Network Object” NAT Rules
3. Service Port must be created – Source Port
Kind Regards,
Denisa
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: