Port Forwarding ASA5505

Unanswered Question
Jun 24th, 2009

I have an ASA5505 configured for Remote VPN connection. I am adding an IP phone server that will allow remote IP phones to connect to the internal phone system. I need to Port Forward port 59002 to an internal IP address. Is there an easy way to do this? Thanks, Kevin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hill.kevin Thu, 06/25/2009 - 05:37

Andrew,

I believe it is hardware based because I have an actual phone as a remote and a computer inside my network. It is an ESI 50 system.

Thanks,

Kevin

andrew.prince@m... Thu, 06/25/2009 - 05:47

Just add an entry to the acl allowing any remote access to the NAT ip using a desintaiton TCP/UDP port required.

hill.kevin Thu, 06/25/2009 - 06:01

Can you give me the entry for that? I have added a couple of access-list commands and static commands to the configuration. I can see the static entry in the NAT using ASDM showing the port on the outside and the IP on the inside but it still does not work.

hill.kevin Thu, 06/25/2009 - 05:46

Francisco,

This remote phone does not use the remote VPN connection. I think it just uses our public IP and port. With the port forwarded to the IP of the ESI computer on the inside of the network.

Thanks,

Kevin

dcambron Thu, 06/25/2009 - 05:53

Static (INSIDE,OUTSIDE) tcp interface 59002 59002

Access-list permit tcp/udp eq 59002

hill.kevin Thu, 06/25/2009 - 06:09

I see that now thanks! Please forgive me, I am not an IT professional, just a small business owner trying to survive. Can you give me an example of the and the . I know what my public IP is. Thanks!

dcambron Thu, 06/25/2009 - 06:14

Static (INSIDE,OUTSIDE) tcp interface 59002 59002

Access-list ACL_OUT permit tcp/udp ANY eq 59002

access-group ACL_OUT in interface OUTSIDE.

If you hace any problem please send me the

show run access-group

show access-list

hill.kevin Thu, 06/25/2009 - 06:24

When I type in the access-list command, I get the error Invalid Hostname with the indication on the "e" of eq.

hill.kevin Thu, 06/25/2009 - 06:54

Success!! I added the word "host" before the public IP and then followed the rest of the commands. The phone works! Thanks!!!!

Actions

This Discussion