02-12-2012 08:54 PM - edited 03-11-2019 03:28 PM
Dear Expert,
now i have some issue that i use portforwarding from outside to inside and DMZ to inside.
now i have lap first from ASA e0/0 to PC1 (outside) and PC2 eth0/1 (inside) and PC3 eth0//2 (DMZ)
from inside can ping to outside but outside cannot access into inside.
this command that i used :
access-list outside_acl_in extended permit tcp any host 10.51.51.1 eq 80
static (inside,outside) tcp inter 10.10.10.1 netmask 255.255.255.255
is it correct on this command?
------------------------------------------------------------------------------------------------------------------------------------------------
any way i want to allow from DMZ to inside also but is still not work
access-list dmz_acl_in extended permit tcp any host 20.20.20.1 eq 3389
static (inside,dmz) tcp inter 10.10.10.1 netmask 255.255.255.255
this command above is not working but is use this command as bellow is working, i don't know why?
access-list dmz_acl_in extended permit tcp any host 10.10.10.1 eq 3389
static (inside,DMZ) 10.10.10.1 10.10.10.1 netmask 255.255.255.255
Could you help me on this issue?
which command that allow from outside to inside?
which command that allow from DMZ to inside?
which command that allow from ouside to DMZ?
Note: i use IOS ver: ASA Version 8.0(4)
Best Regards,
Join
02-13-2012 04:56 PM
Hello Join,
I do not fully understand your english but here we go!
access-list outside_acl_in extended permit tcp any host 10.51.51.1 eq 80
static (inside,outside) tcp inter 10.10.10.1 netmask 255.255.255.255
No, it is not correct. If you want to allow incoming traffic on port 20 to the outside interface to be redirected to 10.10.10.1
it should be:
static (inside,outside) tcp inter 80 10.10.10.1 80 netmask 255.255.255.255
access-list outside_acl_in extended permit tcp any host outside_interface_ip eq 80
Same thing with the other requests,
Do rate all the helpful posts!!!
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide