Solved: Static NAT and access from out side in ASA 8.4

rehan_uet · ‎08-25-2011

I have configured Static NAT on ASA 8.4; and opened the telnet access through following configuration but it is not working. Could somebody help me that what mistake I am making in my configuration

interface Ethernet0/0
nameif outside
security-level 0
ip address 119.36.105.210 255.255.255.240
!
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.117.1 255.255.255.0

hostname(config)# object network Router_A

hostname(config-network-object)# host 192.168.117.2

hostname(config-network-object)# nat (inside,outside) static 119.36.105.211

hostname(config)# access-list ACCESS-TO-SERVER extended permit tcp any host 119.36.105.211 eq telnet

hostname(confi)# access-group ACCESS-TO-SERVER in interface outside

The host (router) 192.168.117.2 can access internet after this configuration but telnet is not possible from outside.

varrao · ‎08-25-2011

Hi Rehan,

Just one small thing missing:

Access-list should be:

hostname(config)# access-list ACCESS-TO-SERVER extended permit tcp any host 192.168.117.2 eq telnet

You need to use the private ip of the server instead of public ip in 8.4 nat.

Hope this helps

Thanks,

Varun

Thanks,
Varun Rao

View solution in original post

varrao · ‎08-25-2011