I am trying to configure an ASA5510 (v7.12) to allow an inbound connection over TCP port 9000. I have a web server on the inside that is listening on port 9000 (http://192.168.1.1:9000)
I have setup a static NAT:
static (inside,outside) 220.127.116.11 192.168.1.1 netmask 255.255.255.255
and the access rule:
access-list outside_in extended permit tcp any host 18.104.22.168 eq 9000
Clients on the inside can reach the web server, but those outside the firewall are getting an unable to connect error.
What am I missing? This should be really straighforward.