Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
475
Views
0
Helpful
7
Replies

Port Redirection

Go to solution
sgoethals1
Level 1
Level 1

‎08-13-2007 10:48 AM - edited ‎03-11-2019 03:57 AM

Hi,

I would like to redirect the typical SQL port (1433) on my outside IP address to a specific address on the inside and at the same time, use a different port number. However, I must have something messed up in the config, as I can't make it happen. I chose a random port 7505/7506 on the outside as the port my clients would use to connect to the SQL server on the inside. I am not sure if I am doing this correctly, but would appreciate any help....thanks.

access-list outside_access_in permit tcp any host x.x.x.109 eq 7505

access-list outside_access_in permit tcp any host x.x.x.109 eq 7506

static (outside,inside) tcp 192.168.0.109 1433 x.x.x.109 7505 netmask 255.255.255.255 0 0

static (outside,inside) tcp 192.168.0.109 1434 x.x.x.109 7506 netmask 255.255.255.255 0 0

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
srue
Level 7
Level 7
In response to sgoethals1

‎08-13-2007 11:35 AM

yes, remove your previous static entries, add the ones I first suggested, and you should be ok.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
srue
Level 7
Level 7

‎08-13-2007 10:55 AM

static (inside,outside) tcp x.x.x.109 7505 192.168.0.109 1433

static (inside,outside) tcp x.x.x.109 7506 192.168.0.109 1434

0 Helpful

Go to solution
acomiskey
Level 10
Level 10
In response to srue

‎08-13-2007 11:01 AM

and...

access-list outside_access_in permit tcp any host x.x.x.109 eq 7505

access-list outside_access_in permit tcp any host x.x.x.109 eq 7506

0 Helpful

Go to solution
srue
Level 7
Level 7
In response to acomiskey

‎08-13-2007 11:07 AM

he already had those.

0 Helpful

Go to solution
acomiskey
Level 10
Level 10
In response to srue

‎08-13-2007 11:12 AM

I'm aware of that, I wanted to make sure he didn't put...

access-list outside_access_in permit tcp any host x.x.x.109 eq 1433

access-list outside_access_in permit tcp any host x.x.x.109 eq 1434

0 Helpful

Go to solution
sgoethals1
Level 1
Level 1
In response to acomiskey

‎08-13-2007 11:33 AM

Ok, let me make sure I understand both replies. I only need to change the static statements that I originally listed with those that were posted. I don't need my originals and the posted ones...right? Since mine said static (outside,inside), and the reply showed static (indide,outside), I just want to make sure that I only needed the correction you folks provided. sorry for my ignorance.

0 Helpful

Go to solution
srue
Level 7
Level 7
In response to sgoethals1

‎08-13-2007 11:35 AM

yes, remove your previous static entries, add the ones I first suggested, and you should be ok.

0 Helpful

Go to solution
sgoethals1
Level 1
Level 1
In response to srue

‎08-13-2007 12:04 PM

Works Great! Thanks...one thing I noticed however, is that once I put these settings in, I can no longer ping the external address x.x.x.109 (from the outside). In addition to the STATIC entry redirecting the ports, can I have a standard entry just for translation of other traffic destined to the external address.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card