09-07-2021 04:47 PM - edited 09-07-2021 05:14 PM
Hello, I am trying to figure out why NATing with certain ports on the ASA is failing. It seems when I try to NAT ports 22 or 443 on the inside of my network I do not get successful connections, but if I take and modify the NAT to a different port that typically does expect encrypted traffic it works.
Here I am NATing an internal host to my outside internet IP address:
OUTSIDE x.x.x.x:8000 <-> x.x.x.x:22 INSIDE
I am using a basic Python web server listening on port 22.
When I try to connect, I see the session being built but then see SYS timeouts shortly after.
If I change the internal port from 22 to 8422 or any non-encrypted port it works with no issues.
I am using the same Python web server for each test, only changing what port it's listening on.
Any ideas on why this would be happening? The external port never changes, only the internal port. Any help would be appreciated.
09-07-2021 06:01 PM
Sorry guys, it turned out to be an access-list on an upstream router blocking ports 443 and 22.