Cisco ASA 5505 - Port Mapping

duncanwarrender · ‎08-19-2014

Hi, I'm new into IT and I was wondering if somebody could help me set up Port Mapping. Here's my scenario -
We have set up an Asterisk VoIP server that uses UDP port 5060 and another port range, and we want any public incoming connections destined for our Asterisk server on Port 5099 to be translated at the firewall to go to our Asterisk server on port 5060. I have been using ASDM 6.4 but theres no easy way to do this (as far as I know, and why I've came here looking for an answer).

We have currently just left port 5060 open to the public (so our home workers can use our phone system) but really want to get this sorted ASAP due to SIP Bots that look for ports like 5060 that are open!!

Any help would be greatly appreciated and if anybody needs anymore information just ask!!

nkarthikeyan · ‎08-19-2014

Hi,

You need to have a NAT rule set for port-forwarding to make as per your requirement..... I will give you cli based configuration example....

If your ASA is running with pre-8.3 version:

static (inside,outside) tcp interface 5099 192.168.1.10 5060 netmask 255.255.255.255

If your ASA is running with post-8.3 version:

object network SERVER-01
 host 192.168.1.10
!
object network SERVER-01
 nat (Inside,Outside) static interface service tcp 5099 5060

Regards

Karthik

duncanwarrender · ‎08-19-2014

Might seem like a really stupid question (it probably is), how do I found out the ASA Version? and is there any way to do this from the ASDM?

nkarthikeyan · ‎08-19-2014

Hi,

If you access via Cli, then you can check by issuing a command show version

ASDM Example: Refer Port Redirection Section

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113024-asa-82-port-forward-00.html

Regards

Karthik

duncanwarrender · ‎08-20-2014

Ok the ASA Version is 8.4

My ASDM is version 6.4

Its completely different from 6.3, not as straight forward as it seems...