I have a Cisco ASA 5520. I need to configure port forwarding on the vpn tunnel. Eg. i have almost 100 L2L vpn tunnels. Any clients hitting my LAN ip 192.168.1.1 on port 21, my ASA should forward that port 21 traffic to 192.168.2.1. Is it possible on the VPN? Please let me the configuration. If that doesn't work, lemme know any you suggestions on this. Please note that, any other traffic if client is hitting 192.168.1.1:80 it should not forward.
Thanks for the response. Let me try this in my lab in a day or two before configuring them on LIVE. But as mentioned, any other traffic if client is hitting
192.168.1.1:80, it should be forwarding to a different server say 192.168.3.1:80 or may be i can use it on some other server to re-direct. That should also work.
Let me know if that too is possible
If port port 21 port forwarding rule is applied, there will be no change in the existing access-list on the vpn tunnel (which is already in place) as this rule will forward only when it receives port 21 traffic from the client isn't?
any change required in the access-list?
while my existing configuration (which you have suggested) is in place, Client ----> 192.168.1.1:21 ----> 192.168.2.1:21
when i do port forwarding on the same server using different port say port 80 (as mentioned below) should also work
Client -----> 192.168.1.1:80 (this will open the web page on this server itself without re-directing to any other)
Client -----> 192.168.1.1:80 -----> 192.168.3.1:80 (which has to re-direct to any other server)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :