04-19-2011 03:27 PM - edited 03-11-2019 01:23 PM
Hi
Can anybody help me with a question I have regarding port redirection? Can we port forward two private IPs to the same public IP ?
I have the following statements
static (inside,outside) tcp 1.1.1.1 https 192.168.15.112 https netmask 255.255.255.255 0 0
static (inside,outside) tcp 1.1.1.1 8443 192.168.15.159 8443 netmask 255.255.255.255 0 0
But with this iam not able to reach https:\\1.1.1.1:8443
Access lists have also been configured as follows:
access-list out_in permit tcp any host 1.1.1.1 eq https
access-list out_in permit tcp any host 1.1.1.1 eq 8443
04-19-2011 03:45 PM
are you able to reach https://192.168.15.159:8443 internally ??
04-20-2011 08:25 AM
Hi , I am able to reach it internally
04-20-2011 09:39 AM
Hi Mohan,
another question , are you you trying to reach the publicip @ port 8443 from inside you network ? or this isn't working from outside as well ?
Manish
04-20-2011 11:05 AM
Hi Manish
I am not able to access it from outside.
04-20-2011 11:25 AM
Please post the output of following :-
asa#packet-tracer input outside tcp 4.2.2.2 55555 X.X.X.X 8443 detailed
where x.x.x.x = your external public ip
Also, do asa# sh logging and paste the logs that you see for X.X.X.X/844 if any
Manish
04-21-2011 09:51 AM
Hi Manish
I got it fixed. All I had to do is a "clear xlate" to clear and re-establish the NAT sessions. What happened was the statement "static(inside,outside) 1.1.1.1 192.168.15.112 " was already existing before I put in the static NAT statements I mentioned earlier and everything directed to 1.1.1.1 was getting NATTED to 192.168.15.112. After I cleared the NAT sessions, it started working. Sorry that I didn't mention about the existisng static statement before
Thanks a lot for your help
04-21-2011 09:58 AM
Happy to hear that it's working
Manish
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide