Re: Opening a Port on Cisco FMC

Coyle IT · ‎10-08-2020

Hi All,

Not sure if this is the right board to post in.

I am having trouble opening a port in the Cisco FMC for my FTD devices. I have tried different variations of a NAT rules and ACL's but I am unable to open a port.

I have a test PC with IIS running on port 80. I just want to open this for a test, but unable to do so.

Can someone assist?

I am running Cisco FMC v 6.6.1 with Cisco NGFW 2120's

Thank you

balaji.bandi · ‎10-08-2020

we are not have any visibility on your network how you connected, we need more information what is the IP your Web Server outside What IP, what is the Logs show in FTD when you try to access from outside to inside ?

are you sure your web server interally working on port 80 ?

here is good guide NAT to configure :

https://networkdirection.net/articles/firewalls/firepowermanagementcentre/fmcnatpolicies/

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212702-configure-and-verify-nat-on-ftd.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Coyle IT · ‎10-09-2020

Hi Balaji,

Thanks for coming back and sorry for not providing more detail.

So the webserver is on a internal network lets 1.1.20.1 and this is going to show on the external IP of my Firewall on port 80.

I am able to go to the IIS page of my webserver internall on port 80 (http) and that works fine. I have also done a telnet internally to the IP address and Port 80 and it is open. I just cannot get port 80 to open externally.

There is no DMZ (this will come later), so the connection is literally internal network 1.1.20.1 to external IP of the FTD device.

Hope that makes a little more sense.