Wanted to make sure I had my syntax right for this. I'm trying to forward a port say 8030 from my outside interface to a host on the inside on 3389.
Here's what I have so far
object network 1.1.1.1
host 1.1.1.1
nat (inside,outside) static interface service tcp 3389 8030
access-list outside_in extended permit tcp any host 1.1.1.1 eq 8030
Trying to get this to work and I'm not seeing any hits on my outside ACL.
Solved! Go to Solution.
access-list outside_in extended permit tcp any host 1.1.1.1 eq 3389
access-list outside_in extended permit tcp any host 1.1.1.1 eq 3389
Worked like a charm once I put the real port in the outside ACL. Thanks Karsten.
NAT Syntax looks ok to me, just need to check the ACL port to . You can use this guide as reference:
https://supportforums.cisco.com/document/132066/asa-nat-83-nat-operation-and-configuration-format-cli#NETWORK-OBJECT-NAT
Can you run a packet-tracer from outside to inside to see what happens to the packet?
packet-tracer input outside tcp 4.2.2.2 12345 <public interface ip> 8030 detailed