06-21-2014 02:16 PM - edited 03-11-2019 09:21 PM
Hello,
I could really use some help in setting up a port forward rule on my ASA. I have a host on the LAN (192.168.1.24) I need to expose ports 8082 and 8083 (both tcp and udp) to the Internet. I have an existing rule set up for another host on the LAN on another port and it seems to be working fine, but I can't seem to get this range set up for this new device. I tried adding the commands and I can sometimes get either 8082 or 8083 to work correctly, but never both simultaneously. I have a single, dynamic IP address from my ISP.
I must be doing something wrong, and I would really appreciate it if someone could give me the explicit changes to make. I have a feeling it is because I need 2 ports open for the same internal IP, but I am not sure.
Could someone please give me the commands to issue. The commands I used previously for a single port are not working.
Thanks, please advise.
-Rob
06-21-2014 11:50 PM
Hi Rob,
Could you please try like the below?. I hope this should work for you, but am not pretty sure on this.
object network obj-192.168.1.24-tcp-8082
host 192.168.1.24
!
object network obj-192.168.1.24-tcp-8083
host 192.168.1.24
!
object network obj-192.168.1.24-udp-8082
host 192.168.1.24
!
object network obj-192.168.1.24-udp-8083
host 192.168.1.24
!
object network obj-192.168.1.24-tcp-8082
nat (inside,outside) static interface service tcp 8082 8082
!
object network obj-192.168.1.24-tcp-8083
nat (inside,outside) static interface service tcp 8083 8083
!
object network obj-192.168.1.24-udp-8082
nat (inside,outside) static interface service udp 8082 8082
!
object network obj-192.168.1.24-udp-8083
nat (inside,outside) static interface service tcp 8083 8083
!
Please do rate for the helpful posts and do remember to select the correct answer
Regards
Karthik
06-24-2014 03:28 PM
Thank you, I think I figured it out, but I am not sure I understand the difference in the commands I used. I think it has to do with the inherent differences between the types of commands used in PAT.
06-24-2014 07:34 PM
Hi Roy,
Yeah. You can try this out and let me know if that solves your problem.
Please do rate the helpful posts and remember to mark the correct answers.
Regards
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide