Port redirect with ASA - From inside to inside host

Unanswered Question
Jun 16th, 2008

Hi all, is there any way to make a NAT with ASA that... catch the port 80 and redirect to a port 8080 in a internal server?

I know that with iptables i can do it.. but... with ASA i dont know if its possible... could anyone help me?

I have read some post in this forum about it.. but.. im trying to find a solution for this issue.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Fernando_Meza Mon, 06/16/2008 - 16:24


Yes you can use static translation for that. For example if you need to translate an incoming connection on port 80 to a server listening on port 8080 what you need to do is define the respective interfaces where the packet is coming from and where the server sits. i.e

static (inside,outside) tcp 80 8080

The above command allows any tcp/80 to connection initiated from the OUTSIDE side of the firewall to be translated to TCP/8080 on server which is located behind the INSIDE interface.

You will also need to modify any access list applied to the outside interface - in the example above - to allow that connection .i.e

access-list Outside-IN permit tcp any host eq 80

access-group Outside-IN in interface outside.

I hope it helps ... please rate it if it does !!!

fabiossilva Tue, 06/17/2008 - 03:10

Hi fernando, thanks... but... i need to do it from a inside host... to a inside host... not from outside to inside...

Is it possible?



nomair_83 Tue, 06/17/2008 - 03:26

I think u can..

just type static( inside,inside) tcp inside ip 80 webserver ip 8080.

This is a wild guess:) I never try this before



This Discussion