ASA Port Redirect Issue

Tauer Drumond
Level 1

Hi all,

I'm trying to redirect traffic as follows:

HOST A connects at ASA's outside interface at port 8888.

ASA must redirect traffic to host B at port 3389.

In summary: HOST A must access port 3389 of HOST B.

Is that possible?

See attachment to see the topology and IP addresses. It's simple, but I'm not achieving the goal.

Thanks!

Tauer

6 Replies

Jon Marshall
Hall of Fame

Yes it should be possible. Something like -

static (inside,outside) tcp 100.100.100.100 8888 192.168.1.100 3389 netmask 255.255.255.255

Jon

Hi Jon,

But what happens if a different source must connect to the same port 8888 and be redirected to a different destination port?
I think I must specify the source, don't I?

Hi...

Jon is correct:

static (inside,outside) tcp OutsidePublicIP 8888 RealPrivateIP 3389 netmask 255.255.255.255

or

static (,) tcp 8888 3389 netmask 255.255.255.255

The static basically says, anything arriving to the OutsidePublicIP on port 8888, redirect it to RealPrivateIP port 3389. Nothing in the static statement cares about the source. Only the destination.

So.... will I never be able to specify the source?

Thanks!

As far as I know you cannot do this, because the port used on the public IP must be different. You can use different port numbers with the public IP and then map these to the same host with different ports. But not the same port on the public IP.

Jon

ok. I got it.

I ran a test and it worked fine; even without specifying the source I'll be able to do what I want.

Thank you all
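Because the static matches only on the destination, limiting who may use the redirected RDP port is done in the access list applied to the outside interface. The following is an added example, not configuration posted by anyone in the thread; it assumes the pre-8.3 `static` syntax used above, a hypothetical ACL name `outside_in`, a constructed address 203.0.113.10 standing in for HOST A, and that no other ACL is already bound to the outside interface (if one is, add the permit line to that ACL instead).

```text
! Static PAT from the thread:
! outside 100.100.100.100:8888 -> inside 192.168.1.100:3389
static (inside,outside) tcp 100.100.100.100 8888 192.168.1.100 3389 netmask 255.255.255.255

! Too broad: every Internet source could reach the redirected RDP service.
! access-list outside_in extended permit tcp any host 100.100.100.100 eq 8888

! Restricted: only HOST A (203.0.113.10, constructed placeholder) is permitted.
! With pre-8.3 NAT the interface ACL matches the mapped (public) address
! and the mapped port (8888), not the real address and port 3389.
access-list outside_in extended permit tcp host 203.0.113.10 host 100.100.100.100 eq 8888
access-group outside_in in interface outside

! Check the result from the ASA itself:
! simulate a connection from HOST A and confirm it is translated and allowed
packet-tracer input outside tcp 203.0.113.10 1025 100.100.100.100 8888
! confirm the hit counter rises only on the restricted entry
show access-list outside_in
```

Any source not matched by the permit line is dropped by the implicit deny at the end of the ACL, so the static never translates its traffic.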
