Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

asa 5510 port forwarding question

Hello,

I'm trying to configure a asa 5510 to forward the smtp port to a host on my network. If the destination host is in the same subnet like the asa and the gateway of the host is the inside ip of the asa, all works fine. Now my question, is it posible to redirect the port to a host on an other subnet, where the destination host has not the asa as gateway? On my first try I got a SYN Timeout error. Is it true, that the tcp handshake only works if the destination host has the asa as gateway?

Thanks for your help!

4 REPLIES
Green

Re: asa 5510 port forwarding question

It should work fine. Just make sure the ASA has a route to the other network.

New Member

Re: asa 5510 port forwarding question

the asa has a route to the other network. the trace route to the destination host is successful and the trace route from the destination host to the inside interface from the asa ist successful. but, i still get a SYN Timeout Error on the asa...

mike

Re: asa 5510 port forwarding question

Interesting issue - never really played around with this. However in theory - it should make no difference, as longs as the following are true:-

1) The ASA has a route for the remote IP subnet pointing to a next hop device, it's connected to; ideally a layer 3 router.

2) The remote IP subnet also can route back to the ASA, via a layer 3 router.

At the end of the day - it's down to routing IP properly in the network.

HTH>

New Member

Re: asa 5510 port forwarding question

This sounds like a route is missing. Likely missing on the subnet side. This is where I's look.

149
Views
0
Helpful
4
Replies
CreatePlease login to create content