Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
0
Helpful
7
Replies

Firewall NAT

Go to solution
pablo.arcelcr
Level 1
Level 1

‎08-24-2017 01:28 PM - edited ‎02-21-2020 06:14 AM

I need to allow to connect to a internet web server using a public IP address. I added this to my ASA 5520.

 

object network Polycom-10.154.10.5
host 10.154.10.5

object network Polycom-10.154.10.5
nat (inside,outside) static 201.201.134.151

access-list Outside_Polycom_in extended permit tcp any object Polycom-10.154.10.5 eq 80

access-list Outside_Polycom_in extended permit tcp any object Polycom-10.154.10.5 eq 443

access-group Outside_Polycom_in in interface Outside

 

I try to access it using the public IP address, but still not connecting.

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎08-24-2017 05:50 PM

Hi 

 

Do you see something on logs? 

 

Can you run three following command and paste the output in a text file? 

Packet-tracer input outside tcp 8.8.8.8 12345 201.201.134.151 80 detail

 

Thanks 

 

PS: please don't forget to rate helpful answers and select add correct answer if that solves your issue


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎08-24-2017 05:50 PM

Hi 

 

Do you see something on logs? 

 

Can you run three following command and paste the output in a text file? 

Packet-tracer input outside tcp 8.8.8.8 12345 201.201.134.151 80 detail

 

Thanks 

 

PS: please don't forget to rate helpful answers and select add correct answer if that solves your issue


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
pablo.arcelcr
Level 1
Level 1
In response to Francesco Molino

‎08-28-2017 04:26 PM

Hi

 

Please check attached

Preview file
5 KB
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to pablo.arcelcr

‎08-28-2017 05:15 PM

Hi

 

It seems to be OK from outside.

Can you do a test internally from you lan, try to telnet the internal IP using the port 80 to see if you get an answer.

 

Are you sure the service http or https is activated on your machine?

 

Thanks

PS: Please don't forget to rate and select as validated answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
pablo.arcelcr
Level 1
Level 1
In response to Francesco Molino

‎08-28-2017 05:56 PM

It works just fine. The problema is with the External IP Im using for the NAT

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to pablo.arcelcr

‎08-28-2017 06:00 PM

Can you send your full config? 

 

Thanks


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to pablo.arcelcr

‎08-28-2017 06:03 PM

Does that means it's working now?
If not send also some fw logs when attempting an access to that server from outside.
Thanks

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
James Davies
Level 1
Level 1

‎08-25-2017 02:16 AM

If this is 8.3 Version or later, Im pretty sure your access list need to be the Public IP.

access-list Outside_Polycom_in extended permit tcp any object Polycom-201.201.134.151 eq 80

access-list Outside_Polycom_in extended permit tcp any object Polycom-201.201.134.151 eq 443

 

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card