I am a newbie for cisco pics and I wanted to add abasic NAT rule to my firewall to allow and redirect FTP requests from internet to one of my public adresses
22.214.171.124 to an internal computer 126.96.36.199.
using the web interface I added one nat rule:
static (outside,inside) 188.8.131.52 184.108.40.206 netmask 255.255.255.255 0 0
and allow incoming ftp requests:
access-list outside_access_in permit tcp host 220.127.116.11 eq ftp host 18.104.22.168 eq ftp
proxy arp is enabled
but when trying to connect from outside to 22.214.171.124 is denied
here is what I got in the log:
106023:Deny tcp src 126.96.36.199x/xxxx dst inside:ftpexternal/21 by access-group "outside_access_in"
ftpexternal stands for 188.8.131.52
Look's like my rule is not correct .
Can any one help me on the matter ?