Skip to main content

Port forwarding on asa 5505

More
13 years 11 months ago #36057 by matoposb0y
Hi there,

I am trying to set up port forwarding on the asa5505. My setup is a router with ip address xxx.xxx.xxx.230 and my ASA is behind it with ip address xxx.xxx.xxx.229 and my network behind that. What I want is to allow external users to sync with a single computer on my inside network ip address 192.168.1.5. I have set up port forwarding (port 65100) on the router to send the request to ip address xxx.xxx.xxx.229 (the ASA) but I am not sure how to get the asa to forward the rquest to ip address 192.168.1.5.

I also want the users behind the ASA to be able to send the sync request to xxx.xxx.xxx.230 otherwise the user will always have to change the IP address to sync depending on whether they are on or off site.

Does anyone know how I could solve this please?
More
13 years 11 months ago #36058 by matoposb0y
Update: I disabled the port forward on the router and changed the sync address on the client computer to xxx.xxx.xxx.229 then typed these commands and it works from the outside!

access-list outside_access_in extended permit tcp any interface outside eq 65100
static (inside,outside) tcp interface 65100 192.168.1.5 65100 netmask 255.255.255.255
access-group outside_access_in in interface outside

Now I just need to figure out how to do it from the inside using xxx.xxx.xxx.229 - any ideas?
More
13 years 11 months ago #36059 by matoposb0y
I did it with the following commands:

global (inside) 1 interface
same-security-traffic permit intra-interface
static (inside,inside) tcp xxx.xxx.xxx.229 65100 192.168.1.5 65100 netmask 255.255.255.255

As usually you guys have been really helpful - thanks so much.
Time to create page: 0.125 seconds