VIDEO: ASA port forwarding for DMZ server access (versions 8.3 and 8.4)


Jul 6, 2011 5:49 AM
Jul 6th, 2011


The videos below provide a basic overview for enabling port forwarding to allow access to a DMZ server through a Cisco ASA in the 8.3 and 8.4 software versions. Depending on your preference, the videos will demonstrate the configuration in both the CLI and ASDM.



Average Rating: 5 (4 ratings)


Zubair.Sayed_2 Thu, 08/18/2011 - 23:55

Hi Mike.

I am not able to view these videos? Do you perhaps have another link for these.



mirober2 Sat, 08/20/2011 - 10:01 (reply to Zubair.Sayed_2)

Hi Zubair,

I've tried to play the videos on several computers and browsers and all have been successful. Do you have Adobe Flash Player installed? If so, perhaps try another browser or computer and see if that helps.


BillyNoll Tue, 08/23/2011 - 11:07

Clear, concise, understandable, do-able now.   Great job Mike, keep it up please

vipinrajrc Sun, 11/13/2011 - 22:32


Great Video..............................

I need to implement DMZ server in my office. But it is not a web server. it is a finger scanner server and antivirus server.

Also i need to access the DMZ servers from inside networks. for this do i need to create a rule? or

static ( inside,dmz) command?

Waht is the actual purpose of the above command? is it similar to NAT0 (no nat) or is it similar to NAT with same IPs.



llamaw0rksE Tue, 04/03/2012 - 08:48

Great Video for standard port forwarding.  Two comments.

1.   You did not discuss on the advanced page the two important settings of Source Interface and Destination Interface and the relationship between Destination Interface here, and the Translated Address entry on the first rule popup page.

2.   To get to network object nat rule you had to carefully select the down arrow next to the ADD button. Until I saw you do this on the video, I had always created my rules from the Object page.   It may be worth noting that NAT object rules can be created-found in two spots.

3.   Follow up videos or replacment video required, to explain a. access from LAN to DMZ servers,  b. Use of second public IP available (ie not rely on simple outside interface example),  c. ACL rule to limite external users via ACL, and finally d.  Reverse example, how to NAT so users can access servers on the internet  (and no other outbound traffic).

Specifically using ADSM or manual (twice nat) examples.


Login or Register to take actions

This Document

Posted July 6, 2011 at 5:49 AM
Comments:5 Avg. Rating:5
Views:9335 Contributors:5

Related Content

Documents Leaderboard