07-03-2012 12:34 PM - edited 03-11-2019 04:26 PM
Hi, i've got several problem. The goal is to reach port 8888 from outside to inside my lan.
my config is simple, asa inside : 192.168.1.0/24, outside dhcp by fai.
inside to outside all is ok.
internet ping to outside interface is ok.
But internet to connect to port 8888 is not working.
I try many things and i'm quite sure that my config is shitty now...
So please help me
here it is :
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.254 255.255.255.0
!
interface Vlan2
mac-address a44c.1156.90b2
nameif outside
security-level 0
ip address dhcp setroute
!
ftp mode passive
clock timezone CEST 1
clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
name-server 178.250.208.37
name-server 8.8.8.8
domain-name xx
same-security-traffic permit intra-interface
object network obj_any
subnet 192.168.1.0 255.255.255.0
object network server1
host 192.168.1.20
object network NETWORK_OBJ_192.168.1.192_27
subnet 192.168.1.192 255.255.255.224
object network telephone_ip
host 192.168.1.5
object network lan
subnet 192.168.1.0 255.255.255.0
description lan
object network vpn
range 192.168.69.100 192.168.69.110
description vpn
object network NETWORK_OBJ_192.168.1.0_24
subnet 192.168.1.0 255.255.255.0
object network NETWORK_OBJ_192.168.69.96_28
subnet 192.168.69.96 255.255.255.240
object service http_8888
service tcp destination eq 8888
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object icmp
protocol-object udp
protocol-object tcp
protocol-object ip
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group protocol DM_INLINE_PROTOCOL_2
protocol-object ip
protocol-object icmp
access-list outside_access_in extended permit ip object NETWORK_OBJ_192.168.69.96_28 any
access-list outside_access_in extended permit object-group TCPUDP any object telephone_ip eq sip
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit object http_8888 any object server1
access-list outside_access_in extended permit tcp any host 192.168.1.20 eq 8888
access-list outside_access_in extended permit tcp any host 192.168.1.20
access-list inside_access_in extended permit ip any any
access-list nonat remark ACL for Nat Bypass
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 192.168.69.0 255.255.255.0
access-list lan standard permit 192.168.1.0 255.255.255.0
access-list SplitTunnel_ACL standard permit 192.168.1.0 255.255.255.0
pager lines 24
logging enable
logging buffered debugging
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool vpn-pool 192.168.69.100-192.168.69.110 mask 255.255.255.0
ipv6 icmp permit any inside
ipv6 icmp permit any outside
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
no asdm history enable
arp timeout 14400
nat (inside,outside) source static lan lan destination static vpn vpn
nat (inside,outside) source dynamic lan interface
nat (outside,outside) source dynamic any interface destination static server1 server1 service http_8888 http_8888
!
object network server1
nat (outside,inside) static interface service tcp 8888 8888
!
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
07-03-2012 04:49 PM
Hello John,
Sure, if you want send me the config on a private message, I will resolve this for you.
Regards,
Julio
07-03-2012 04:50 PM
yes i send it to you now
07-03-2012 05:04 PM
Hello,
Check the changes.
If that does not work, please send the configuration with the changes I did
07-03-2012 05:16 PM
done look your pm
07-03-2012 05:19 PM
I just answered that
07-03-2012 05:26 PM
me2 =)
07-03-2012 11:29 PM
Hi back,
So any news ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide