VIDEO: ASA port forwarding for DMZ server access (versions 8.3 and 8.4)


Wed, 07/06/2016 - 04:52
Jul 6th, 2011
User Badges:
  • Cisco Employee,


The videos below provide a basic overview for enabling port forwarding to allow access to a DMZ server through a Cisco ASA in the 8.3 and 8.4 software versions. Depending on your preference, the videos will demonstrate the configuration in both the CLI and ASDM.



Zubair.Sayed_2 Thu, 08/18/2011 - 23:55
User Badges:

Hi Mike.

I am not able to view these videos? Do you perhaps have another link for these.



mirober2 Sat, 08/20/2011 - 10:01
User Badges:
  • Cisco Employee,

Hi Zubair,

I've tried to play the videos on several computers and browsers and all have been successful. Do you have Adobe Flash Player installed? If so, perhaps try another browser or computer and see if that helps.


BillyNoll Tue, 08/23/2011 - 11:07
User Badges:

Clear, concise, understandable, do-able now.   Great job Mike, keep it up please

vipinrajrc Sun, 11/13/2011 - 22:32
User Badges:


Great Video..............................

I need to implement DMZ server in my office. But it is not a web server. it is a finger scanner server and antivirus server.

Also i need to access the DMZ servers from inside networks. for this do i need to create a rule? or

static ( inside,dmz) command?

Waht is the actual purpose of the above command? is it similar to NAT0 (no nat) or is it similar to NAT with same IPs.



llamaw0rksE Tue, 04/03/2012 - 08:48
User Badges:

Great Video for standard port forwarding.  Two comments.

1.   You did not discuss on the advanced page the two important settings of Source Interface and Destination Interface and the relationship between Destination Interface here, and the Translated Address entry on the first rule popup page.

2.   To get to network object nat rule you had to carefully select the down arrow next to the ADD button. Until I saw you do this on the video, I had always created my rules from the Object page.   It may be worth noting that NAT object rules can be created-found in two spots.

3.   Follow up videos or replacment video required, to explain a. access from LAN to DMZ servers,  b. Use of second public IP available (ie not rely on simple outside interface example),  c. ACL rule to limite external users via ACL, and finally d.  Reverse example, how to NAT so users can access servers on the internet  (and no other outbound traffic).

Specifically using ADSM or manual (twice nat) examples.

lucas sousa Wed, 07/06/2016 - 04:52
User Badges:


I too am unable to view these videos, are they still available since it was published 5 years ago?


This Document