change destination port PIX ASA

Unanswered Question
Feb 1st, 2007

Hi there,

I am using a ASA 5510 and want to do a NAT translation, but when the traffic leaves the outside interface the destination port must be changed and the source IP address must be changed too.

Here is an example:

FTP traffic is destined for IP address 10.10.10.1

Source traffic is generated from 192.168.1.0 255.255.255.0

the new destination port (tcp) is i.e 5400

FTP from 192.168.1.x --> ASA --> FTP traffic to 10.10.10.1 but with destination port 5400 and the source ip address is from a pool on the outside interface

Hope you can help !

Greetings,

Mathijs

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
talisman1310 Thu, 02/01/2007 - 08:21

Can you confirm the purpose of doing this translations?

for example if the inside host is trying to access a http server and if the firewall is going to change the destiantion port to say 6000( for which the service might not be running in the server)then no connection will be established.

Correct me if i am wrong....

Also please check the syntax for static translation command in the ASA.

mathijsbuza Thu, 02/01/2007 - 23:53

Talisman, first I want to say thnx for your reply.

I want to connect to a FTP server which listens on an different port than 21.

I think I can not use a static translation, because the rule is used for multiple workstations.

Actions

This Discussion