Showing results for 
Search instead for 
Did you mean: 
Join Customer Connection to register!

Forward tcp port to server on LAN - Cisco 5510

Due to departure of our IT guru I am left to manage our Cisco appliances so please excuse my poor basic knowledge, hopefully this site will help that improve!

I need to forward traffic from an Amazon server to an internal server with a SQL database on it so need to forward TCP 1433 to an internal IP ( I have created an access rule to allow the amazon IPP through on 1433 but I am unsure how to point the traffic to the SQL server on the LAN.

I expect I will need to create a NAT rule to do this but cannot see how to achieve it.

I have another problem concerning a site to site VPN which establishes OK but does not pass traffic, I will post that question separately.

Any assistance would be gratefully received.



What version of code are you running on the 5510? Issue the "sh ver" command to determine.


Hi James, thanks for your reply, the result of the command: "sh ver" is below - hope you can assist

Cisco Adaptive Security Appliance Software Version 8.2(1)

Device Manager Version 6.2(3)

Compiled on Tue 05-May-09 22:45 by builders

System image file is "disk0:/asa821-k8.bin"

Config file at boot was "startup-config"

Fusion-FW02 up 10 days 18 hours

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash Firmware Hub @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

                             Boot microcode   :  CN1000-MC-BOOT-2.00

                             SSL/IKE microcode:  CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  :  CNlite-MC-IPSECm-MAIN-2.04

0: Ext: Ethernet0/0         : address is d0d0.fd1d.5b64, irq 9

1: Ext: Ethernet0/1         : address is d0d0.fd1d.5b65, irq 9

2: Ext: Ethernet0/2         : address is d0d0.fd1d.5b66, irq 9

3: Ext: Ethernet0/3         : address is d0d0.fd1d.5b67, irq 9

4: Ext: Management0/0       : address is d0d0.fd1d.5b68, irq 11

5: Int: Not used            : irq 11

6: Int: Not used            : irq 5

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 100      

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled  

VPN-3DES-AES                 : Enabled  

Security Contexts            : 2        

GTP/GPRS                     : Disabled 

SSL VPN Peers                : 2        

Total VPN Peers              : 250      

Shared License               : Disabled

AnyConnect for Mobile        : Disabled 

AnyConnect for Linksys phone : Disabled 

AnyConnect Essentials        : Disabled 

Advanced Endpoint Assessment : Disabled 

UC Phone Proxy Sessions      : 2        

Total UC Proxy Sessions      : 2        

Botnet Traffic Filter        : Disabled 

This platform has an ASA 5510 Security Plus license.