12-12-2007 02:50 PM - edited 03-12-2019 05:50 PM
Need to forward a range of ports from the outside to the inside. I have statics in there and ACLs that are forwarding one port per ACL. Now I have a VOIP adapter and it wants a range of ports forwarded to it.
Thanks everyone
12-12-2007 07:47 PM
You need to create a service object-group with the range needed. In your inbound ACL you use the object-group instead of the port.
Service object-group
Example:
object-group service VOIP udp
port-object range 1000 2000
access-list outside->inside permit udp any external_IP object-group VOIP
Hope this helps!
Chad
Please rate if helpful.
12-12-2007 08:15 PM
or...
access-list outside_acl permit tcp any host x.x.x.x range 1-10
as an example...
unless you're going to reuse the object-group in another acl entry, you dont need it.
12-12-2007 10:18 PM
Hope You don't mind if I join the discussion...
Ok for the access list use of object groups and range options, this takes care of the filter issue and surely works if you have a static nat statement, but what if you have port forwarding instead of static nat, is there a similar "trick" in order to forward a entire range of ports in a single statement?
Tnx,
Max.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: