Hi all,

I have been asked to "forward a port on an ASA 5505 to an internal ip address." Sounds easy for most of you, and I thought I did it right, but I am not certain. Basically, they want it set up so that when xx.xx.xx.xx:30000 (x's = the firewall ip with port 30000) is accessed from outside, it is forwarded to an internal ip on port 30000 (xxx.xxx.x.xxx:30000)

Here is what I tried from within ASDM 6.4:

1. NAT Rules-add static NAT route:
original-Interface: inside
-Source: xx.xx.xx.xx (local ip of computer on LAN they wish to access from outside)

Translated - Interface - Use Interface IP Address

Enable PAT: Original and Translated port both set to 30000

2. Access Rule - add
Interface: Inside
Source: any
Destination: xx.xx.xx.xx (IP of Firewall)
Service: tcp/30000




Did I set this up properly, or is there something I missed?

Thank you

For my sake, what version of code are you using on that asa? 8.2? 8.3? 8.4(2)?

Also this may be relevant to your needs: http://www.gregledet.net/?p=537

I don't use asdm to do my NAT and ACL's but that may help you out depending on the version of code you are using on your ASA

be a man use cli

static (inside,outside) tcp x.x.x.x 3200 x.x.x.x 3200 netmask 255.255.255.255

_________________
"I will prepare and some day my chance will come." - Abraham Lincoln
http://danielhertzberg.wordpress.com - I blog about networks!