02-01-2017 03:26 PM - edited 03-12-2019 01:52 AM
Hello,
I would like to configure Port forwarding on ASA 5512 v9.2, but no chance to get it up and running. My topology is the following
PC(Running License Server in port 27000 IP. 192.168.X.X) -- SW (192.168.X.X) -- Inside--FW5512 --Outside -- Internet
We have a Petrel license running on a local computer in port 27000 and we would like to access this port remotely using port@address.
I did the following steps in the Firewall;
1- Created ACL Outside - Source Any, Destination Any Service TCP27000
2- Created NAT rule as follwoing
Source Interface Outside. Destination Interface Inside
Source Address Any. Destination Address Outside
service tcp 27000
Action; Translated Packet
Source NAT Type Static
Source address --Original-- Destination Local PC IP 192.168.x.x
Service tcp27000
When I check the port remotely I can see it as Open but the Outside computer is not able to reach the local pc, sounds like just communicating with the Firewall...
Maybe I'm missing something in the port config? any suggestions please?
Many Thanks,
02-01-2017 03:50 PM
Can you please paste the output of NAT and access rule from cli. Also, the best way to see if NAT and access rule are ok is to run a packet-tracer.
-
AJ
02-01-2017 04:18 PM
Hi,
This is the output:
02-02-2017 04:50 AM
Hello,
The first statement is what I think we are talking about. I guess the service mapped and real should be same and not 'any'. Something like:
nat (inside,outside) source static Petrel interface service tcp TCP27000 TCP27000
Try it and please attach a packet tracer output to get more clarity if it does not work.
-
AJ
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide