Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

asa5510: why some ports can be forwarded and some not?

i have been working on this for over a week with no luck - if i configure the web server in my dmz to listen on port 5000 i can forward requests coming from outside on port 5000 and everything works fine. if i configure the web server to listen on port 80 and try to forward port 80 i get nowhere. what could be reason for this. i don't have any access lists that would block traffic on port 80. in fact all i have is:

access-list outside_in extended permit tcp any host <public IP> eq www

access-list outside_in extended permit tcp any host <public IP> eq 5000

static (dmz,outside) tcp interface www 10.10.5.13 www netmask 255.255.255.255

static (dmz,outside) tcp interface 5000 10.10.5.13 5000 netmask 255.255.255.255

like i said - with port 5000 everything works fine but not with port 80. any suggestions? thanks in advance...

1 REPLY
New Member

Re: asa5510: why some ports can be forwarded and some not?

Just check the inspection is enabled and any other NAT or PAT statment will block the traffic. Check the access list for any number with the port 80 might block.

108
Views
0
Helpful
1
Replies
CreatePlease login to create content