Port Redirection query

mukundh86 · ‎04-19-2011

Hi

Can anybody help me with a question I have regarding port redirection? Can we port forward two private IPs to the same public IP ?

I have the following statements

static (inside,outside) tcp 1.1.1.1 https 192.168.15.112 https netmask 255.255.255.255 0 0

static (inside,outside) tcp 1.1.1.1 8443 192.168.15.159 8443 netmask 255.255.255.255 0 0

But with this iam not able to reach https:\\1.1.1.1:8443

Access lists have also been configured as follows:

access-list out_in permit tcp any host 1.1.1.1 eq https

access-list out_in permit tcp any host 1.1.1.1 eq 8443

manish arora · ‎04-19-2011

are you able to reach https://192.168.15.159:8443 internally ??

mukundh86 · ‎04-20-2011

Hi , I am able to reach it internally

manish arora · ‎04-20-2011

Hi Mohan,

another question , are you you trying to reach the publicip @ port 8443 from inside you network ? or this isn't working from outside as well ?

Manish

mukundh86 · ‎04-20-2011

Hi Manish

I am not able to access it from outside.

manish arora · ‎04-20-2011

Please post the output of following :-

asa#packet-tracer input outside tcp 4.2.2.2 55555 X.X.X.X 8443 detailed

where x.x.x.x = your external public ip

Also, do asa# sh logging and paste the logs that you see for X.X.X.X/844 if any

Manish

mukundh86 · ‎04-21-2011

Hi Manish

I got it fixed. All I had to do is a "clear xlate" to clear and re-establish the NAT sessions. What happened was the statement "static(inside,outside) 1.1.1.1 192.168.15.112 " was already existing before I put in the static NAT statements I mentioned earlier and everything directed to 1.1.1.1 was getting NATTED to 192.168.15.112. After I cleared the NAT sessions, it started working. Sorry that I didn't mention about the existisng static statement before

Thanks a lot for your help

manish arora · ‎04-21-2011

Happy to hear that it's working

Manish