Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
2
Replies

Forward tcp port to server on LAN - Cisco 5510

dgcscisco665
Level 1
Level 1

‎07-03-2012 08:47 AM - edited ‎03-04-2019 04:52 PM

Due to departure of our IT guru I am left to manage our Cisco appliances so please excuse my poor basic knowledge, hopefully this site will help that improve!

I need to forward traffic from an Amazon server to an internal server with a SQL database on it so need to forward TCP 1433 to an internal IP (192.168.252.43) I have created an access rule to allow the amazon IPP through on 1433 but I am unsure how to point the traffic to the SQL server on the LAN.

I expect I will need to create a NAT rule to do this but cannot see how to achieve it.

I have another problem concerning a site to site VPN which establishes OK but does not pass traffic, I will post that question separately.

Any assistance would be gratefully received.

Dave

Labels:
0 Helpful
2 Replies 2

pompeychimes
Level 4
Level 4

‎07-03-2012 09:57 AM

What version of code are you running on the 5510? Issue the "sh ver" command to determine.

James

0 Helpful

dgcscisco665
Level 1
Level 1
In response to pompeychimes

‎07-04-2012 02:09 AM

Hi James, thanks for your reply, the result of the command: "sh ver" is below - hope you can assist

Cisco Adaptive Security Appliance Software Version 8.2(1)

Device Manager Version 6.2(3)

Compiled on Tue 05-May-09 22:45 by builders

System image file is "disk0:/asa821-k8.bin"

Config file at boot was "startup-config"

Fusion-FW02 up 10 days 18 hours

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash Firmware Hub @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

                             Boot microcode   :  CN1000-MC-BOOT-2.00

                             SSL/IKE microcode:  CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  :  CNlite-MC-IPSECm-MAIN-2.04

0: Ext: Ethernet0/0         : address is d0d0.fd1d.5b64, irq 9

1: Ext: Ethernet0/1         : address is d0d0.fd1d.5b65, irq 9

2: Ext: Ethernet0/2         : address is d0d0.fd1d.5b66, irq 9

3: Ext: Ethernet0/3         : address is d0d0.fd1d.5b67, irq 9

4: Ext: Management0/0       : address is d0d0.fd1d.5b68, irq 11

5: Int: Not used            : irq 11

6: Int: Not used            : irq 5

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 100      

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled  

VPN-3DES-AES                 : Enabled  

Security Contexts            : 2        

GTP/GPRS                     : Disabled 

SSL VPN Peers                : 2        

Total VPN Peers              : 250      

Shared License               : Disabled

AnyConnect for Mobile        : Disabled 

AnyConnect for Linksys phone : Disabled 

AnyConnect Essentials        : Disabled 

Advanced Endpoint Assessment : Disabled 

UC Phone Proxy Sessions      : 2        

Total UC Proxy Sessions      : 2        

Botnet Traffic Filter        : Disabled 

This platform has an ASA 5510 Security Plus license.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card