Hi all,
I need help with port forwarding. It's working, but only when I also include the original port on the outside access. I have a server inside listening on port 443. I want outside clients to connect using port 50443. I can connect on port 50443 only when I ALSO have port 443 included in my Outside Interface ACL. How can I block port 443 access from the outside and allow 443 access to my server only via outside port 50443?
[code]
object service LOCAL-HTTPS
service tcp source eq https
object service REMOTE-50443
service tcp source eq 50443
access-list ISP_access_in extended permit tcp any object obj-MY_Server eq 50443
access-list ISP_access_in extended permit tcp any object obj-MY_Server eq https **** Once Disabled, Inbound on 50443 does NOT work ****
nat (INSIDE,ISP) source static any any destination static obj-MY_Server obj-MY_Server
nat (INSIDE,ISP) source static obj-MY_Server interface service LOCAL-HTTPS REMOTE-50443
access-group INSIDE_access_in_1 in interface INSIDE control-plane
access-group INSIDE_access_in in interface INSIDE
access-group ISP_access_in_1 in interface ISP control-plane
access-group ISP_access_in in interface ISP
[/code]
I think that includes all relevant code. The first NAT statement fixed my first problem, which was with RPF errors.
Thanks in advance.