Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Port forwarding

I have an ASA 5510 running 8.4(4)1 here is what I am trying to accomplish.

Setup.....

internet --> ASA ---> core switch and connected to core switch is a Meraki MX60 that will be a VPN concentrator for some Meraki Z1's

 

What I need to setup is port forwarding that will take traffic from the outside on port 25000 and send it to the Meraki MX 60 that has an IP address of 10.2.3.134.

Let's say the outside interface of the ASA is 208.208.208.194

 

Here is what I think I need to do......

object network host Meraki_MX_VPN
 nat (inside, outside) dynamic 10.2.3.134 service tcp 25000


access-list outside_access permit tcp any host Meraki_MX_VPN eq 25000

 

access-group outside_access interface outside

 

Would this accomplish what I need?

 

Mike

 

2 REPLIES

Well looks like what I

Well looks like what I thought would work is wrong.

need help with what I need to do.

 

Mike

New Member

It would beobject network

Some of your syntax was off but you want to use a public IP to present the Meraki to the Internet to allow access in, then NAT from that outside to the internal IP

 

object network Meraki_MX_VPN_ExtIP

 host x.x.x.x

 

object network Meraki_MX_VPN

 host 10.2.3.134

 nat (inside,outside) static Meraki_MX_VPN_ExtIP service tcp 25000 25000

 

access-list outside_access_in permit tcp any object Meraki_MX_VPN eq 25000

access-group outside_access_in in interface outside

 

 

110
Views
0
Helpful
2
Replies