My name is Pete Long (Born 15/07/70) I live in Middlesbrough in the North East of England. I’ve worked in IT full time since leaving the forces (Royal Engineers) and retraining here
I’ve held first, second, and third line support roles. I’ve also been employed as both an IT project manager and Technical Consultant
I'm converting an old 5510 config form 8.2 to run on a 5508-X running 9.8(24). Ive done a lot of these so Im quite confident, however the old firewall has this in the config;
! access-list inside_nat_static extended permit tcp host 192.168.1.100 eq 4443 any access-list inside_nat_static_1 extended permit tcp host 192.168.1.100 eq 8080 any ! static (inside,outside) tcp 184.108.40.206 https access-list inside_nat_static static (inside,outside) tcp 220.127.116.11 www access-list inside_nat_static_1 !
I'm not really used to seeing this but this is what Ive come up with to replace it;
! object network OBJ-18.104.22.168 host 22.214.171.124 object network OBJ-192.168.1.100 host 192.168.1.100 object service OBJ-TCP-4443 service TCP source eq 4443 object service OBJ-TCP-8080 service TCP source eq 8080 ! object service OBJ-TCP-HTTPS service TCP source eq https ! object service OBJ-TCP-WWW service TCP source eq www ! nat (inside,outside) source static OBJ-192.168.1.100 OBJ-192.168.1.100 destination static OBJ-126.96.36.199 OBJ-188.8.131.52 service OBJ-TCP-4443 OBJ-TCP-HTTPS nat (inside,outside) source static OBJ-192.168.1.100 OBJ-192.168.1.100 destination static OBJ-184.108.40.206 OBJ-220.127.116.11 service OBJ-TCP-8080 OBJ-TCP-WWW !
IS THAT CORRECT? Have I made a mistake? (this firewall wont be going live for a while) So Id like a second opinion.
... View more