Port forwarding help

Answered Question
Jul 29th, 2008
User Badges:

My ASA 5505 has a static IP address that is connected directly to the internet.


Behind the ASA 5505 is my web server that is connected to the

internal network.


I would like to forward the http traffic that hits ASA 5505 to the internal web Server.

I have configured static PAT as following:

static (inside,outside) tcp interface www 192.168.1.10 www netmask 255.255.255.255


But it is still not working.

Could someone please advise me please!


Thank you!

Correct Answer by acomiskey about 8 years 10 months ago

You need to add an access list to allow the traffic in.


access-list outside_access_in extended permit tcp any interface outside eq www

access-group outside_access_in in interface outside

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
acomiskey Tue, 07/29/2008 - 14:13
User Badges:
  • Green, 3000 points or more

You need to add an access list to allow the traffic in.


access-list outside_access_in extended permit tcp any interface outside eq www

access-group outside_access_in in interface outside

davidwu2007 Wed, 07/30/2008 - 07:06
User Badges:

Thanks,

I did add the ACLs, but I received the following error.


2 Jul 30 2008 11:57:40 106001 12.13.156.xxx xx.22.133.166 Inbound TCP connection denied from 12.13.156.xxx/60807 to xx.22.133.166/80 flags SYN on interface outside


davidwu2007 Wed, 07/30/2008 - 07:23
User Badges:

Thank you!


There was a typing error.

Now it's working great!

Actions

This Discussion