
Port forwarding (443 and RDP)

Sharath Rajan
Level 1

Hello Friends,

Could you help me fix the issue in my FTD integrated with FMC?

I have an internal web server that needs port forwarding for 443, and one more Windows server that needs the same for 3389.

Kindly help me, I am getting confused and stuck on the NAT Policy and ACP.

Example: Webserver IP: 192.168.73.35, the public IP is 85.0.0.58

1. Need SSL port 443 to work: https://ctx.example.com, and

2. Need to access RDP 3389: 85.0.0.58:3389. Please help me to finish this as well.


Hello,

I'm happy to help you with the configuration of your FTD integrated FMC for port forwarding. Here are the steps to configure NAT Policy and ACP:
1. Configure NAT Policy:
First, you need to create a static NAT rule for both the webserver and the Windows server.


a. Log in to your FMC and go to Devices > NAT.
b. Click on "Add NAT Rule" and choose "Static NAT Rule."
c. Configure the rule as follows:
• Original Source: create a new network object for 192.168.73.35 (webserver)
• Translated Source: create a new network object for 85.0.0.58 (public IP)
• Original Service: TCP 443
• Translated Service: TCP 443
• Interface: choose the correct inside and outside interfaces
• Enabled: checked
d. Click "Save" to save the rule.


Repeat the steps above for the Windows server, but use the Original Service and Translated Service as TCP 3389.
2. Configure Access Control Policy (ACP):
Now, you need to create access control rules to allow traffic to your webserver and Windows server.


a. Go to Policies > Access Control and click on "Add Access Control Rule."
b. Configure the rule as follows:
• Name: Allow Webserver
• Action: Allow
• Source Networks: Any
• Destination Networks: create a new network object for 192.168.73.35 (webserver)
• Source Ports: Any
• Destination Ports: TCP 443
c. Click "Save" to save the rule.


Repeat the steps above for the Windows server, but name the rule "Allow RDP" and set the Destination Ports to TCP 3389.

Finally, deploy the changes to your FTD device.

Please let me know if you have any questions or require further assistance.

Signed,
Cisco Virtual Engineer

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.
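
Added example, not part of the reply above and not Cisco code: a toy Python model of how one inbound connection meets the two static NAT rules and the two access control rules from the steps, with the destination first untranslated and the ACP then matched against the real server address. The Windows server address, the default Block action and all function names are assumptions made for the illustration.

```python
# Toy model of the NAT + ACP steps in the reply above; not FMC/FTD code.
from ipaddress import ip_address

PUBLIC_IP = ip_address("85.0.0.58")       # from the thread
WEB_IP = ip_address("192.168.73.35")      # from the thread
WINDOWS_IP = ip_address("192.168.73.36")  # hypothetical: the thread gives no address

# Static port forwards: (public ip, tcp port) -> (real ip, tcp port)
NAT_RULES = {
    (PUBLIC_IP, 443): (WEB_IP, 443),
    (PUBLIC_IP, 3389): (WINDOWS_IP, 3389),
}

# Access control rules as in the reply: destination is the real server address.
ACP_RULES = [
    {"name": "Allow Webserver", "dst": WEB_IP, "port": 443},
    {"name": "Allow RDP", "dst": WINDOWS_IP, "port": 3389},
]

def untranslate(dst_ip, dst_port):
    """Return the real (ip, port) for a packet arriving from outside, or None."""
    return NAT_RULES.get((ip_address(dst_ip), dst_port))

def evaluate(dst_ip, dst_port, acp_rules=ACP_RULES):
    """Walk one inbound TCP connection: NAT lookup, then ACP on the real address.
    Assumption: the policy's default action is Block."""
    real = untranslate(dst_ip, dst_port)
    if real is None:
        return "drop: no NAT rule for %s:%d" % (dst_ip, dst_port)
    for rule in acp_rules:
        if (rule["dst"], rule["port"]) == real:
            return "allow: %s -> %s:%d" % (rule["name"], real[0], real[1])
    return "block: default action (no ACP rule matches %s:%d)" % real

if __name__ == "__main__":
    print(evaluate("85.0.0.58", 443))
    print(evaluate("85.0.0.58", 3389))
    print(evaluate("85.0.0.58", 80))
    # A rule written against the public IP does not match the untranslated packet.
    wrong = [{"name": "Allow Webserver", "dst": PUBLIC_IP, "port": 443}]
    print(evaluate("85.0.0.58", 443, wrong))
```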

Hi Cisco Virtual Engineer, 
Could you please provide screenshots for these steps? I tried to implement the solution but am stuck as I cannot correlate them with the screens presented to me on the FMC.

I would like to configure port forwarding for ports 50221/TCP, 50222/TCP, and 49321-49421/UDP from our public IP (object) Starhub to my server JSV-APP-13

Thanks in advance. 

Hi friend, is this issue solved?
