If you are running 8.3 (or above) software this should be easy. If you are running 8.2 (or below) this will mean a large amount of configurations since range of ports cant be forwarded in that software to my understanding.
For software level 8.3 (and above) the configuration would be
object service UDP-3478-3497
service udp source range 3478 3497
object service UDP-16384-16387
service udp source range 16384 16387
object service UDP-16393-16402
service udp source range 16393 16402
object network INTERNAL-HOST
nat (inside,outside) source static INTERNAL-HOST interface service UDP-3478-3497 UDP-3478-3497
nat (inside,outside) source static INTERNAL-HOST interface service UDP-16384-16387 UDP-16384-16387
nat (inside,outside) source static INTERNAL-HOST interface service UDP-16393-16402 UDP-16393-16402
For software level 8.2 (and below) the configuration would be
If you are doing Static PAT (Port Forwarding) then you are basically forwarding ports to a certain internal host.
If the actual hosts on the internal LAN are forming the connections outbound on these ports then you just have to allow the traffic in the interface ACL (unless already done so) and have a basic Dynamic PAT translation to a public IP address which you most likely have already
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...