I have a PBX server and need a range of ports to be NAT'd with a single IP address. NAT works when I do a static one to one NAT but when I do range, it doesn't work. The firmware version is 15.0 (1r) M16. Below is my access-list and nat statement.
access-list 102 permit tcp any any eq 2123 access-list 102 permit udp any any eq 5060 access-list 102 permit udp any any range 10000 20000 access-list 102 permit udp any any range 5004 5020
ip nat pool NATPOOL 10.1.5.11 10.1.5.11 prefix-length 24 type rotary ip nat inside destination list 102 pool NATPOOL
I can access port 2123 from outside. But unable to get anything working on the range 10000-20000 and range 5004-5020.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...