Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

port forwarding on mpls link

hi all,

i am having cisco asa 5520 with internet having public ip and cisco 2911 with mpls link in my office .. the mpls link is between my HO and my branch

i am putting my webserver in the branch side i want to port forward one of my publicip in my office to be forwarded to branch web server.

is it poosible on the firewall ouside the local network.

thanks

cyril

Everyone's tags (4)
3 REPLIES
Cisco Employee

port forwarding on mpls link

Yes, it is possible to configure port forwarding on the firewall with ip address not local to the network, as long as the web server default gateway at the branch is pointing towards the ASA at the HQ.

I assume that the branch office internet gateway is via the HQ through MPLS?

New Member

port forwarding on mpls link

hi jenni,

i am having seperate internet on my branch side but there is DSL 100mps with dynamic ip.

so i want to use my mpls link to forward the ports in my firewall.

is there any possiblity to confgiure without changing gateway because we are having some vlans on my branch side.

thanks

cyril

Cisco Employee

port forwarding on mpls link

No, if you are port forwarding on your HQ firewall, that means traffic is coming in via HQ, and since branch office has its own internet connection, that means the return traffic will be routed via the branch office internet, and this is asymetric routing, and packet will be dropped on the ASA firewall.

To port forward on HQ firewall, the traffic needs to come in and out the same firewall.

873
Views
0
Helpful
3
Replies
CreatePlease to create content