How to configure Port Forwarding on FTD

naeem-uddin

I have an internal server with IP address 172.16.2.230.

1: How can I access this internal server using a public IP address from anywhere on port 8787?

Internal-Server: 172.16.2.230:8787

Public-IP-address: 202.60.51.230:8787

2: How do I configure Port Forwarding on FTD?

3:

Accepted Solutions

@naeem-uddin you will need to create a static PAT and an access control rule to permit the inbound traffic. There are examples in the following Cisco guide: https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212702-configure-and-verify-nat-on-ftd.html

If you still have a problem, please provide screenshots of what you have configured.


naeem-uddin

@Rob Ingram which rule applies? I have seen two options: one is Auto-NAT-Rule and the other is Manual-NAT-Rule.

@naeem-uddin you need a manual static Auto NAT rule.

@Rob Ingram I selected Manual-Static-NAT, which has four options available:

Original Source: Internal-server-IP              Translated Source: Public-IP-address

Original Destination: Internal-server-IP         Translated Destination: Public-IP-address

Original Source Port: 8787                       Translated Source Port: 8787

Original Destination Port: 8787                  Translated Destination Port: 8787

Kindly check and update.

 

@naeem-uddin sorry actually, re-reading your initial post, it would be better using Auto NAT.

object network SERVER
  host <internal ip>
  nat (inside,outside) static <public ip> service tcp 8787 8787

Here is an example in ASA syntax, which mirrors FTD; just replicate the logic: https://www.practicalnetworking.net/stand-alone/cisco-asa-nat/#staticpat
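
The Auto NAT rule from the reply above, filled in with the addresses from the original question and paired with the inbound permit and verification commands, as an added example (not configuration posted in the thread). The interface names `inside`/`outside` follow the reply's snippet; the ACL name `OUTSIDE_IN` and the test source address 198.51.100.10 are constructed for illustration. The access-list lines are ASA syntax; on an FMC-managed FTD the same permit is created as an access control rule.

```cisco
! --- Static PAT (Auto NAT): only tcp/8787 on the public IP is forwarded ---
object network SERVER
  host 172.16.2.230
  nat (inside,outside) static 202.60.51.230 service tcp 8787 8787

! --- Inbound permit ---
! The access rule is evaluated against the real (untranslated) address,
! so the destination is 172.16.2.230, not 202.60.51.230.
! Replace "any" with the known client networks where possible, so the
! published port is not reachable from the whole Internet.
access-list OUTSIDE_IN extended permit tcp any host 172.16.2.230 eq 8787
access-group OUTSIDE_IN in interface outside

! --- Verification ---
! Confirm the rule is installed and check its hit counters
show nat detail
! Confirm the static translation entry exists
show xlate
! Simulate an inbound connection to the public IP and port; the output
! should show an UN-NAT phase to 172.16.2.230/8787 and a final "allow"
packet-tracer input outside tcp 198.51.100.10 40000 202.60.51.230 8787
```

If `packet-tracer` reports a drop at the access-list phase, the NAT rule matched but the permit is missing or references the public address instead of the real one.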

 
