Port forwarding help

Answered Question
Jul 29th, 2008

My ASA 5505 has a static IP address that is connected directly to the internet.

Behind the ASA 5505 is my web server that is connected to the

internal network.

I would like to forward the http traffic that hits ASA 5505 to the internal web Server.

I have configured static PAT as following:

static (inside,outside) tcp interface www 192.168.1.10 www netmask 255.255.255.255

But it is still not working.

Could someone please advise me please!

Thank you!

I have this problem too.
0 votes
Correct Answer by acomiskey about 8 years 5 months ago

You need to add an access list to allow the traffic in.

access-list outside_access_in extended permit tcp any interface outside eq www

access-group outside_access_in in interface outside

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
acomiskey Tue, 07/29/2008 - 14:13

You need to add an access list to allow the traffic in.

access-list outside_access_in extended permit tcp any interface outside eq www

access-group outside_access_in in interface outside

davidwu2007 Wed, 07/30/2008 - 07:06

Thanks,

I did add the ACLs, but I received the following error.

2 Jul 30 2008 11:57:40 106001 12.13.156.xxx xx.22.133.166 Inbound TCP connection denied from 12.13.156.xxx/60807 to xx.22.133.166/80 flags SYN on interface outside

Actions

This Discussion