11-12-2007 07:44 AM - edited 02-21-2020 01:47 AM
I have recently inherited a network with an ASA 5505 at a remote office. Users there have a server that needs to be accessible from the outside. I would like to put this server in a DMZ and use port forwarding (I have the security plus license already installed). I can only find the ASDM instructions for this - there has to be CLI commands for this. Can someone please respond with either the instuctions or the link where I can find them?
11-12-2007 09:03 AM
Will you be using the ASA outside interface IP? if so this thread should get you up and running for port forwarding , replace your static entry to reflect DMZ interface , static(DMZ,outside) etc.. , come back if any questions.
11-12-2007 06:59 PM
First of all - thank you - both for your response.
Yes - the ASA outside interface IP will be used for the server as well.
Here is what I have created so far
An Object-group:
Object-group service SERVER tcp
description TCP Passthrough Ports
Port-object range XXXX-XXXX
Port-object range xxxx-xxxx
Port-object range eq xxxxx
An access list outside_access_in:
access-list outside_access_in extended permit tcp any host (outside IP) object-group SERVER
And applied this access list to the outside interface:
access-group outside_access_in in interface outside
Is this correct?
Would the static look like this?
static (DMZ,outside) (outside IP) (DMZ server IP) netmask 255.255.255.255
Do I need a global (outside) statement?
11-13-2007 05:24 AM
your static should look as :
static (DMZ,outside) interface
for global leave as is if Im not mistaken it should already have statement as " global (outside) 1 interface "
11-14-2007 03:23 PM
This worked! Thank you much!
11-12-2007 09:32 AM
Hello,
Here is an example of the configuration guide for PIX and ASA version 7.2, check it out and use for further reference.
11-12-2007 09:33 AM
Ups!!! sorry, here is the link:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/cfgnat.html#wp1043281
11-14-2007 03:23 PM
Thank you - I have been looking for this without luck.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide