Cisco ASA 5505 port forward to server proxy ( no wccp )

alessandro.fachin · ‎06-10-2009

Hi all,

I've read few old post about the redirect of 80 443 to a server-proxy with wccp. This solution is the only to forward port ? I think exists a more simple solution to forward a port, does it exists ?

For example how could I do to forward the 22 port to another host in my inside-lan to 222 ?

Thanks to all for reply.

ldardon · ‎06-16-2009

To allow access to particular TCP port forwarding applications for a specific user or group policy, use the listname you create here with the port-forward command in webvpn mode. The security appliance does not support the Microsoft Outlook Exchange (MAPI) proxy. Neither port forwarding nor the smart tunnel feature that provides application access through a clientless SSL VPN session supports MAPI. For Microsoft Outlook Exchange communication using the MAPI protocol, remote users must use AnyConnect.

http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/p.html#wp1875150

seibertmedia · ‎09-30-2009

Hi,

do you mean, portforwarding from external ip to an internal server behind nat?

Then, you can do a static NAT with PAT for the server

access-list internal_nat_static_3 extended permit tcp host $internal-host eq $port any

static ($internal-interface,$external-interface) tcp $external-ip $port access-list internal_nat_static_3

if you want to redirect packets from internal ip's you need policy based routing, which isn't supported by the asa.