08-28-2008 02:21 PM - edited 03-11-2019 06:37 AM
I was successful in configuring my ASA 5510 to allow on incoming queries on port 80 to 204.xxx.xxx.178 to be redirected to port 8123 and go to the internal IP of 192.168.100.178.
I set this up on the ASDM under the NAT Rules section. I used the PAT section to redirect incoming queries on port 80 to 8123.
However, we can no longer connect ssh to that server. I am assuming ALL connections are being redirected even though that is no longer the case.
Is there any way to allow only port 80 queries to be redirected? We would still like to ssh in and have other connections be valid.
I can provide config files if needed.
Thanks.
Solved! Go to Solution.
08-28-2008 02:54 PM
What does the ASDM log say when you attempt to connect to that server via SSH? If the PAT is failing, it should log an error indicating such. Have you verified that your outside access-list allows ssh incoming to that address?
08-28-2008 02:54 PM
What does the ASDM log say when you attempt to connect to that server via SSH? If the PAT is failing, it should log an error indicating such. Have you verified that your outside access-list allows ssh incoming to that address?
08-28-2008 07:40 PM
Actually, I figured it out. I had to add multiple static NAT entries for each protocol I was to admit. By watching the log files I was able to see the problem. So now I have three Static NAT entries, one for the port 80 redirection to 8123 and one for port 22 to port 22 and one for another basic port.
My problem was that I was looking at the problem from outside coming in, when typically PAT looks at inside going out, at least in my mind.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide