portforward on asa 5505

Unanswered Question
Jun 25th, 2009

Hello, i have a problem setting up portforwarding on a asa 5505

I want to get tcp port 2051 on the outside to be forwarded to 192.168.6.10 on the inside and i have the following config:

ASA Version 7.2(4)

interface Vlan1

nameif inside

security-level 100

ip address 192.168.6.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

ip address 195.81.121.246 255.255.255.252

!

interface Ethernet0/0

switchport access vlan 2

!

access-list inside_nat0_outbound extended permit ip any any

access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 any

access-list outside_access_in extended permit ip any interface outside

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

static (inside,outside) tcp interface 2051 192.168.6.10 2051 netmask 255.255.255.255 0 0

route outside 0.0.0.0 0.0.0.0 195.81.121.245 1

dhcpd auto_config outside

!

dhcpd address 192.168.6.90-192.168.6.99 inside

dhcpd dns 192.168.6.1 interface inside

dhcpd enable inside

!

It seems that is constantly blocked by an ACL but i can't figure out the right config, could you give me some input?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
dcambron Thu, 06/25/2009 - 05:58

static (INSIDE,OUTSIDE) tcp interface 2051 192.168.6.10 2051

no access-list outside_access_in extended permit ip any interface outside


access-list outside_access_in extended permit tcp any host 195.81.121.246 eq 2051


access-group outside_access_in in interface OUTSIDE


let meknow if it works

ciscoadminist Wed, 07/22/2009 - 09:01

static (INSIDE,OUTSIDE) tcp interface 2051 192.168.6.10 2051

no access-list outside_access_in extended permit ip any interface outside

access-list outside_access_in extended permit tcp any host 195.81.121.246 eq 2051

access-list outside_access_in extended permit ip any any

access-group outside_access_in in interface OUTSIDE

tray that's, it's work for me.

Good luck

alexojeda Thu, 07/16/2009 - 19:24

down the security level at Vlan1

from 100 to a low.

example: 90

Actions

This Discussion