ACL HELP! Need Access to to LAN Address and Port from WAN

wedwards · ‎02-25-2012

I need to be able to access a private ip address of 192.168.1.50 through the TCP port 100 from anywhere on the WAN side (Static IP). What ACL rule do I need to create? and how do you enable that rule? The router is a CISCO 1921.

Any help would be greatly appreciated!!!

Richard Burts · ‎02-25-2012

Wesley

I believe that what you need is a static translation which specifies that any traffic incoming to the static IP of your router on port TCP 100 will be translated to the inside private address of 192.168.1.50 on TCP 100.

HTH

Rick

HTH

Rick

wedwards · ‎02-25-2012

Thanks Rick, I have tried various programming for this but I am unable to program properly. What would the configuration programming look like for your solution?

llamaw0rksE · ‎03-09-2012

Your basically asking for unsolicited traffic to get to that IP and that port. Much like accessing a private server on the private LAN. If this is the case here are the parameters...

a. You need an ACL to permit traffiic inbound (typically this is implicity blocked lower sec to higher sec interface).

b. Once passed the firewall the traffic has to be routed-translated to the real IP. (as stated via Static NAT rule).

An ACL rule structure and Static NAT rule structure are defined by your router and firmware version being used.

I only am using an ASA5505 vers 8.43 and thus probably mammary gland useless in your case.

Read up on configuring both and any examples you can find.