Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1045
Views
5
Helpful
8
Replies

can't access wifi router behind firewall

ranasaadnoori
Level 1
Level 1

‎10-13-2021 02:39 AM

hi,

I have a wifi router behind firewall, i am trying to reach wifi web management from firewall outside interface but its not responding any idea i am not expert on asa appliances ( asa5520)

i tried access list on outside interface

wifi wan management is enabled on ip 192.168.150.9 port 80 

i used access list settings on asa5520 as follows:

access list wifi-out extended permit tcp any host 192.168.150.9 eq 80

access-group wifi-out in interface outside

 

Labels:
8 Replies 8

balaji.bandi
Hall of Fame
Hall of Fame

‎10-13-2021 06:38 AM

what is the source IP coming from ?

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/access-acls.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

ranasaadnoori
Level 1
Level 1
In response to balaji.bandi

‎10-13-2021 03:18 PM

The source ip is network address 192.168.200.6 behind a router and i do have routes to 192.168.150.0 network.

0 Helpful

Georg Pauwen
VIP
VIP
In response to ranasaadnoori

‎10-13-2021 03:53 PM

Hello,

 

can 192.168.150.9 ping 192.168.200.6 ? Do you have any NAT configured ?

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ranasaadnoori

‎10-14-2021 06:46 AM 

hostname(config)# object network server1
hostname(config-network-object)# host 192.168.150.9
hostname(config-network-object)# nat (inside,outside) static interface service tcp 80 80

hostname(config)# access-list OUTSIDE extended permit tcp any object server1 eq 80

 

from above document share modilfied to fit your needs.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

ranasaadnoori
Level 1
Level 1
In response to balaji.bandi

‎10-24-2021 10:51 PM

i did actually try the port nat but didnt work , i think its because i have another nat on outside interface on port 1009 port for printer 

0 Helpful

paul driver
VIP
VIP

‎10-14-2021 12:02 AM - edited ‎10-14-2021 12:02 AM

Hello

I assume the ASA is perfroming NAT, try the following:

object network Wifi_http
host 192.168.150.9
nat (inside,outside) static interface service tcp www www
access-list 100 extended permit tcp any object Wifi_http eq www


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

ranasaadnoori
Level 1
Level 1
In response to paul driver

‎10-24-2021 10:55 PM

do have nat, as explained above for balaji.banadi

0 Helpful

Georg Pauwen
VIP
VIP
In response to ranasaadnoori

‎10-24-2021 11:21 PM

Hello,

 

post the full running configuration of your ASA (sh run)...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card