11-14-2011 01:22 AM - edited 03-11-2019 02:50 PM
hi all,
i have a problem with portfoarwarding on asa 5505.
i have this situation:
internet ---> pubblic ip address-> router albacom -- 10.0.0.15 ---> -nat farward port 80--10.0.0.1 -outside -firewall asa -inside - 192.168.0.1------------server web 192.168.0.99
the server is not in dmz but it's on the lan network
my user must connect from internet, with any browser http://albacom_pubblic_address and router albacom and then asa firewall must nat and farward the port 80 on server web 192.168.0.99
any idea or tutorial
ths, best regards
Solved! Go to Solution.
11-14-2011 03:41 AM
Hi Luca,
On the outside interafce we woudl need the ACl:
access-list outside_access_in permit tcp any host 192.168.0.99 eq 80
access-group outside_access_in in interface outside
Thanks,
Varun
11-14-2011 01:26 AM
Hi Luca,
On the ASA, you would need the following:
object network server_ip
host 192.168.0.99
object service tcp_80
service tcp destination eq 80
nat (outside,inside) source static any any destination static interface server_ip service tcp_80 tcp_80
That would port forward all the request coming on port 80 on the outside interface of the firewall, to your internal server on port 80.
Hope that helps
Thanks,
Varun
11-14-2011 02:01 AM
any ACLs need or not?
11-14-2011 03:41 AM
Hi Luca,
On the outside interafce we woudl need the ACl:
access-list outside_access_in permit tcp any host 192.168.0.99 eq 80
access-group outside_access_in in interface outside
Thanks,
Varun
11-14-2011 04:51 AM
ok i test the command
ths a lot
11-14-2011 07:17 AM
ths Varun, the configuration works!
bye mate
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide