Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
669
Views
0
Helpful
5
Replies

How to configure Port Forwarding on FTD

Go to solution
naeem-uddin
Level 1
Level 1

‎08-10-2024 02:09 AM

I have internal server which is IP address: 172.16.2.230.

1: how to access this internal server using public IP address from anywhere with port 8787.

Internal-Server: 172.16.2.230:8787

Public-IP-address: 202.60.51.230:8787

2: How to configure Port Forwarding on FTD.

3:

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎08-10-2024 02:16 AM

@naeem-uddin you will need to create a static PAT and an access control rule to permit the inbound traffic. There are examples in the following cisco guide. https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212702-configure-and-verify-nat-on-ftd.html

If you still have a problem, please provide screenshots of what you have configured.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Rob Ingram
VIP
VIP

‎08-10-2024 02:16 AM

@naeem-uddin you will need to create a static PAT and an access control rule to permit the inbound traffic. There are examples in the following cisco guide. https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212702-configure-and-verify-nat-on-ftd.html

If you still have a problem, please provide screenshots of what you have configured.

0 Helpful

Go to solution
naeem-uddin
Level 1
Level 1

‎08-10-2024 02:26 AM

@Rob Ingram  which rule is apply i have seen two option one is Auto-NAT-Rule and another one is Manual-NAT-Rule? 

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to naeem-uddin

‎08-10-2024 02:35 AM - edited ‎08-10-2024 03:07 AM

@naeem-uddin you need a manual static Auto NAT rule.

0 Helpful

Go to solution
naeem-uddin
Level 1
Level 1
In response to Rob Ingram

‎08-10-2024 02:56 AM

@Rob Ingram  I select Manual-Static-NAT which is four option is available:

Original-Source: Internal-server-IP                Translated Source: Public-IP-address

Original Destination: internal-server-IP          Translated Destination: Public-IP-address

original source port: 8787                               translated source port: 8787

original destination port: 8787                         translated destination port: 8787

kindly check and update

 

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to naeem-uddin

‎08-10-2024 03:06 AM

@naeem-uddin sorry actually, re-reading your initial post, it would be better using Auto NAT.

object network SERVER
  host <internal ip>
  nat (inside,outside) static <public ip> service tcp 8787 8787

Here is an example in ASA syntax, which mirrors FTD, just replicate the logic https://www.practicalnetworking.net/stand-alone/cisco-asa-nat/#staticpat

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card