I have the following configuration on a Cisco ASA 8.2(5), all the traffic to the port 5000 and www 80 it's forward throught static NAT but i can't access to a FTP SERVER Windows and FTP Server Linux. ATtach is the configuration I would like to know what is causing the problems.
The FTP Server Are running locally without any problems, when I try to reach it for the Outside interface then i can't, this is in the only port i can't forward.
I really appreciate your help.
ASA Version 8.2(5)
enable password dAWCvYvyr2FRISo5 encrypted
passwd dAWCvYvyr2FRISo5 encrypted
switchport access vlan 2
ip address 192.168.1.2 255.255.255.0
ip address dhcp setroute
ftp mode passive
dns domain-lookup outside
dns server-group DefaultDNS
same-security-traffic permit intra-interface
object-group service TEST2 tcp
port-object eq www
port-object eq https
access-list 101 extended permit ip 192.168.1.0 255.255.255.0 192.168.1.0 255.255
access-list 101 extended permit icmp any interface outside echo-reply
access-list 101 extended permit udp any any eq 5000
access-list 101 extended permit udp any any eq ntp
access-list 101 extended permit udp any 192.168.1.0 255.255.255.0 eq tftp
access-list 102 extended permit icmp any interface outside echo-reply
access-list 102 extended permit icmp any interface outside
access-list 102 extended permit ip any host 192.168.1.5
access-list 102 extended permit tcp any host 192.168.1.5 eq 5000
access-list 102 extended permit tcp any interface outside eq 5000
access-list 102 extended permit tcp any host 192.168.1.5 eq https
access-list 102 extended permit tcp any any eq 5000
access-list 102 extended permit ip any host 192.168.1.8
access-list 102 extended permit tcp any any eq telnet
access-list 102 extended permit tcp any interface outside object-group TEST2
access-list 102 extended permit ip any 192.168.1.0 255.255.255.0
access-list 102 extended permit tcp any interface outside eq www
access-list 102 extended permit tcp any interface outside eq ftp
access-list 102 extended permit tcp any interface outside eq ftp-data
access-list 103 extended permit udp any 192.168.1.0 255.255.255.0 eq tftp
I observed whenever “Inline Result” generated “would have dropped” action , traffic processed by the IPS Policy ( INTPOL-01v1 from the Image ) which is called at Advanced Section of Actual Policy ( Perim-01 1st Image ). Even though “...
Hello, Outgoing and/ or incoming mail flow has/have huge delays, mails are not delivered to specific domains and multiple smtp error messages are observed. Unfortunately, it happened to our appliances 3 times in 2021 for different reasons ...
Hello All, Our client has multiple large deployments with 25-40 nodes in each cluster. These are all physical boxes. Some are SNS 3595 and some are the newer 3695. We monitor these servers using syslog and SNMP on splunk and NNMi. Currently we monito...
I have a group and child groups. I can separately assign Endpoint versions to each group in the Product Updates section of their respective policy object. If I set the policy at the parent group to offer a new version of the Endpoint in the Product Update...