Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACL HELP! Need Access to to LAN Address and Port from WAN

I need to be able to access a private ip address of 192.168.1.50 through the TCP port 100 from anywhere on the WAN side (Static IP).  What ACL rule do I need to create? and how do you enable that rule?  The router is a CISCO 1921. 

Any help would be greatly appreciated!!!

3 REPLIES
Hall of Fame Super Silver

ACL HELP! Need Access to to LAN Address and Port from WAN

Wesley

I believe that what you need is a static translation which specifies that any traffic incoming to the static IP of your router on port TCP 100 will be translated to the inside private address of 192.168.1.50 on TCP 100.

HTH

Rick

New Member

ACL HELP! Need Access to to LAN Address and Port from WAN

Thanks Rick, I have tried various programming for this but I am unable to program properly.  What would the configuration programming look like for your solution?

New Member

ACL HELP! Need Access to to LAN Address and Port from WAN

Your basically asking for unsolicited traffic to get to that IP and that port.  Much like accessing a private server on the private LAN.   If this is the case here are the parameters...

a.  You need an ACL to permit traffiic inbound (typically this is implicity blocked lower sec to higher sec interface).

b.  Once passed the firewall the traffic has to be routed-translated to the real IP.  (as stated via Static NAT rule).

An ACL rule structure and Static NAT rule structure are defined by your router and firmware version being used.

I only am using an ASA5505 vers 8.43 and thus probably mammary gland useless in your case.

Read up on configuring both and any examples you can find.  

578
Views
0
Helpful
3
Replies
CreatePlease to create content