09-08-2010 07:23 AM - edited 03-11-2019 11:37 AM
I'm new to Cisco and am unsure that the posts I've seen answer my question, so I thought I'd ask it directly:
We have a ASA5510 version 7.0(8); our public ip is 216.220.232.224
How can I open TCP ports 3230 - 3243 and UDP ports 3230 - 3285 for 192.168.0.225 for anyone in the outside world?
Would it be something like this in the CLI?
access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside
access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside
Solved! Go to Solution.
09-08-2010 07:29 AM
Also need to correct the syntax for the static:
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
Should be:
static (inside,outside) 216.220.232.224 192.168.0.225
Federico.
09-08-2010 07:28 AM
Hi,
Exactly.
But you only need this:
access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243
access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside
Federico.
09-08-2010 07:29 AM
Also need to correct the syntax for the static:
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
Should be:
static (inside,outside) 216.220.232.224 192.168.0.225
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide