Solved: Port forwording ASA 5520

Kurt Warner · ‎03-18-2015

Never done port forwarding before , not really sure how to do it. I have a cisco ASA 5520 running version 8.2 , I Do most of my set up with the ASDM.

I need to set up a port forwarding on the outside interface 70.xx.xx.66

so traffic bound for 70.xx.xx.66 ( main internet ip) hits ports 21012 ,21010, 21011

then the traffic would be forwarded to inside addy 10.x.x.x port 8887 ,80, 443 .

any help would rock

Lovleen Arora · ‎03-18-2015

I can tell you the CLi script of the same.

you will need 2x things for each port-forwarding (one ACL entry and one STATIC NAT entry)

static (inside,outside) tcp 70.x.x.x 21012 10.x.x.x 8887 netmask 255.255.255.255 0 0
static (inside,outside) tcp 70.x.x.x 21010 10.x.x.x 80 netmask 255.255.255.255 0 0
static (inside,outside) tcp 70.x.x.x 21011 10.x.x.x 443 netmask 255.255.255.255 0 0

access-group OUTSIDE_IN in interface outside

access-list OUTSIDE_IN ext permit tcp any 70.x.x.x eq 21012
access-list OUTSIDE_IN ext permit tcp any 70.x.x.x eq 21010
access-list OUTSIDE_IN ext permit tcp any 70.x.x.x eq 21011

Let me know if any issues.

Please mark answer as correct if it works.

View solution in original post

Lovleen Arora · ‎03-18-2015