Port Forwarding on CIsco asa5512 ASA Version:- 8.6(1)2

Darshin Gadhia · ‎12-12-2016

Dear Team

as per above ASA version how can we able to do port forwarding for my internal server.

Public IP: 111.x.x.x LAN IP: 10.x.x.x port need to be forward is:- 80

network flow like Host (From INternet) --> Outside Interface (ASA) Inside --> LAN Server IP.

Karsten Iwen · ‎12-12-2016

For that, an easy way is to configure object/auto-NAT:

object network SERVER
 host 10.x.x.x
 nat (inside,outside) static 111.x.x.x service tcp 80 80

Make sure that there is no other conflicting NAT above this rule.

On the outside interface you need to allow this traffic (if you already have an ACL applied to that interface, use that one):

access-list OUTSIDE-IN permit tcp any object SERVER eq 80
access-group OUTSIDE-IN in interface outside

Darshin Gadhia · ‎12-12-2016

Thanks Karssten

will check and reward you.

Regards,

Darshin

cofee · ‎12-12-2016

Hello Darshin,

This is what you need:

object network obj_10.10.10.20
host 10.10.10.20
nat (inside,outside) static 111.111.111.15 service tcp http http

GRANT3779 · ‎12-12-2016

Hi Darshin,

There is already a wealth of information on this question and a great document on the ASA NAT in general (8.3+) -

https://supportforums.cisco.com/document/132066/asa-nat-83-nat-operation-and-configuration-format-cli

And you will mot likely find your answer there and gain a bit more understanding on the NAT process.

Credit to Jouni Forss

Darshin Gadhia · ‎12-12-2016

hi

thanks for sending document for same it seems very useful.

regards,

darshin