Configuring port forwarding

ranimbouraoui · ‎02-01-2017

Hello,

I would like to configure Port forwarding on ASA 5512 v9.2, but no chance to get it up and running. My topology is the following

PC(Running License Server in port 27000 IP. 192.168.X.X) -- SW (192.168.X.X) -- Inside--FW5512 --Outside -- Internet

We have a Petrel license running on a local computer in port 27000 and we would like to access this port remotely using port@address.

I did the following steps in the Firewall;

1- Created ACL Outside - Source Any, Destination Any Service TCP27000

2- Created NAT rule as follwoing

Source Interface Outside. Destination Interface Inside

Source Address Any. Destination Address Outside

service tcp 27000

Action; Translated Packet

Source NAT Type Static

Source address --Original-- Destination Local PC IP 192.168.x.x

Service tcp27000

When I check the port remotely I can see it as Open but the Outside computer is not able to reach the local pc, sounds like just communicating with the Firewall...

Maybe I'm missing something in the port config? any suggestions please?

Many Thanks,

Ajay Saini · ‎02-01-2017

Can you please paste the output of NAT and access rule from cli. Also, the best way to see if NAT and access rule are ok is to run a packet-tracer.

-

AJ

ranimbouraoui · ‎02-01-2017

Hi,

This is the output:

Ajay Saini · ‎02-02-2017

Hello,

The first statement is what I think we are talking about. I guess the service mapped and real should be same and not 'any'. Something like:

nat (inside,outside) source static Petrel interface service tcp TCP27000 TCP27000

Try it and please attach a packet tracer output to get more clarity if it does not work.

-

AJ