Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA 5505 Portforwarding to device with different default gateway

Hi!

A customer got a new VoIP PBX, and now I have to forward port 443 on the ASA to the PBX for remote administration purposes. The LAN-interface of the PBX is in the same subnet as the ASA but has an external VoIP-router as default gateway and not our ASA. Is it even possible to forward the port to the PBX when there is no route of any sort to our ASA on it?

Regards,

Erwin

  • Firewalling
Everyone's tags (3)
2 REPLIES
New Member

ASA 5505 Portforwarding to device with different default gateway

THis is Assymetrical routing in your network, usually not an ideal situation.

Although their is a workaround available to NAT the source IP address that is coming from outside to the interface Ip address on which your internal server is connected.

In this way all the communication from the external server will be seen as coming from the inside interface of the ASA by your internal server and hence the server should be able to reply to the firewall.

This would require you to configure OUTSIDE NAT

For outside NAT (from outside to inside), you need to use the outside keyword in the nat command.

Ex

nat (outside) 1 136.1.122.0 255.255.255.0 outside
global (inside) 1 interface

Sachin

New Member

ASA 5505 Portforwarding to device with different default gateway

Hi Sachin,

thanks for your reply. A technician of the phone company came up with the same solution in the meantime. He´s gonna send me a sample config, hope it will work.

Regards,

Erwin

885
Views
0
Helpful
2
Replies