Hello, I've got an ASA5505 and a Cisco UMI on my home network. I've been told I need to open the following ports:
3478 - UDP
443 - TCP
16384-32766 UDP
123 NTP
5222 TCP/UDP
5111 TCP/UDP
I'm no security wizard. I used the example of port forwarding to the web server in the DMZ as the foundation of my configuration.
I realize in the DMZ port forward example the requests are initiated from the outside, and in my case the requests are initiated from the inside.
So I'm guessing this is a bit off.
I created a Service Group called UMI_Ports with all the ports listed above and a network object Cisco-UMI using the static address it is assigned, 192.168.1.121.
I created an Access Rule on the outside interface, source any, destination Cisco-UMI, permit, and a NAT Rule UMI-Server, Host, IP 192.168.1.121, type Static, on the outside. I didn't know what to do in the advanced screen so I left it blank. The Web DMZ example only has one protocol (80) so it doesn't exactly fit my case.
Then I created a static route, but I didn't know the ISP GW. What do I put there?
Here's the diagram:
UMI (192.168.1.121) --> layer 2 switch ----> ASA inside interface (192.168.1.1) --> ASA outside interface DHCP address provided by ISP.
Any help would be appreciated.