12-16-2021 11:28 PM
compliments of the season Cisco community.
I want to grant permission (CLI) to any client outside, to access a tcp service on server within my LAN with IP 10.30.0.3
I entered the instructions below but still can't access the service from outside. please can someone tell me what's wrong.
# object network outside_to_inside
# host 10.30.0.3
# nat (inside,outside) static interface service tcp 80 80
# access-list outsideToInside permit tcp any host 10.30.0.3 eq 80
# access-group outsideToInside in interface outside
please can someone help?
12-17-2021 12:02 AM
@abaku the configuration seems ok. Can you run packet-tracer from the CLI and provide the output. Example:- "packet-tracer input outside tcp 8.8.8.8 3000 <your outside interface ip> 80"
12-17-2021 07:55 PM
hi,
NAT config looks fine. are you sure your server uses TCP port 80 to provide CLI access?
is ASA able to ping10.30.0.3? ensure there's a route configured for 10.30.x.x and server IP settings, port/service are correct.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide