- Posts: 26
- Thank you received: 0
Port forwarding on asa 5505
- matoposb0y
- Topic Author
- Offline
- Junior Member
Less
More
13 years 11 months ago #36057
by matoposb0y
Port forwarding on asa 5505 was created by matoposb0y
Hi there,
I am trying to set up port forwarding on the asa5505. My setup is a router with ip address xxx.xxx.xxx.230 and my ASA is behind it with ip address xxx.xxx.xxx.229 and my network behind that. What I want is to allow external users to sync with a single computer on my inside network ip address 192.168.1.5. I have set up port forwarding (port 65100) on the router to send the request to ip address xxx.xxx.xxx.229 (the ASA) but I am not sure how to get the asa to forward the rquest to ip address 192.168.1.5.
I also want the users behind the ASA to be able to send the sync request to xxx.xxx.xxx.230 otherwise the user will always have to change the IP address to sync depending on whether they are on or off site.
Does anyone know how I could solve this please?
I am trying to set up port forwarding on the asa5505. My setup is a router with ip address xxx.xxx.xxx.230 and my ASA is behind it with ip address xxx.xxx.xxx.229 and my network behind that. What I want is to allow external users to sync with a single computer on my inside network ip address 192.168.1.5. I have set up port forwarding (port 65100) on the router to send the request to ip address xxx.xxx.xxx.229 (the ASA) but I am not sure how to get the asa to forward the rquest to ip address 192.168.1.5.
I also want the users behind the ASA to be able to send the sync request to xxx.xxx.xxx.230 otherwise the user will always have to change the IP address to sync depending on whether they are on or off site.
Does anyone know how I could solve this please?
- matoposb0y
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 26
- Thank you received: 0
13 years 11 months ago #36058
by matoposb0y
Replied by matoposb0y on topic Re: Port forwarding on asa 5505
Update: I disabled the port forward on the router and changed the sync address on the client computer to xxx.xxx.xxx.229 then typed these commands and it works from the outside!
access-list outside_access_in extended permit tcp any interface outside eq 65100
static (inside,outside) tcp interface 65100 192.168.1.5 65100 netmask 255.255.255.255
access-group outside_access_in in interface outside
Now I just need to figure out how to do it from the inside using xxx.xxx.xxx.229 - any ideas?
access-list outside_access_in extended permit tcp any interface outside eq 65100
static (inside,outside) tcp interface 65100 192.168.1.5 65100 netmask 255.255.255.255
access-group outside_access_in in interface outside
Now I just need to figure out how to do it from the inside using xxx.xxx.xxx.229 - any ideas?
- matoposb0y
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 26
- Thank you received: 0
13 years 11 months ago #36059
by matoposb0y
Replied by matoposb0y on topic Re: Port forwarding on asa 5505
I did it with the following commands:
global (inside) 1 interface
same-security-traffic permit intra-interface
static (inside,inside) tcp xxx.xxx.xxx.229 65100 192.168.1.5 65100 netmask 255.255.255.255
As usually you guys have been really helpful - thanks so much.
global (inside) 1 interface
same-security-traffic permit intra-interface
static (inside,inside) tcp xxx.xxx.xxx.229 65100 192.168.1.5 65100 netmask 255.255.255.255
As usually you guys have been really helpful - thanks so much.
Time to create page: 0.125 seconds