Hello,

I've got an ASA5505 and a Cisco UMI on my home network. I've been told I need to open the following ports:

3478 - UDP
443 - TCP
16384-32766 UDP
123 NTP
5222 TCP/UDP
5111 TCP/UDP

I'm no security wizard. I used the example of port forwarding to the web server in the DMZ as the foundation of my configuration. I realize that in the DMZ port forward example the requests are initiated from the outside, and in my case the requests are initiated from the inside. So I'm guessing this is a bit off.

I created a Service Group called UMI_Ports with all the ports listed above and a network object Cisco-UMI using the static address it is assigned, 192.168.1.121.

I created an Access Rule on the outside interface, source any, destination Cisco-UMI, permit, and a NAT Rule UMI-Server, Host, IP 192.3168.1.121, type Static, on the outside. I didn't know what to do in the advanced screen, so I left it blank. The Web DMZ example only has one protocol (80), so it doesn't exactly fit my case.

Then I created a static route, but I didn't know the ISP GW. What do I put there?

Here's the diagram:

UMI (192.168.1.121) --> layer 2 switch ----> ASA inside interface (192.168.1.1) --> ASA outside interface DHCP address provided by ISP.

Any help would be appreciated.