
03.10.2008 at 02:29AM PDT, ID: 23227818

Port Forwarding on ASA 5510

Asked by waynewilliams in Cisco PIX Firewall, Network Routers

Tags: Cisco, ASA, 5510

Hi,

I am having some trouble port forwarding on an ASA 5510.  I have one public IP address which is NAT'ed on the box.  Internet access works fine.  All I want to do is open port 5900 to one of our client PCs on the LAN.

Here is my config:

:
ASA Version 7.0(7)
!
hostname ciscoasa
domain-name default.domain.invalid
enable password qI0afsG2/uOqkuta encrypted
names
dns-guard
!
interface Ethernet0/0
 nameif WAN
 security-level 0
 ip address 78.32.xxx.xxx 255.255.255.224
!
interface Ethernet0/1
 nameif LAN
 security-level 100
 ip address 192.168.50.10 255.255.255.0
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 management-only
!
passwd qI0afsG2/uOqkuta encrypted
ftp mode passive
access-list outside__in extended permit tcp any interface WAN eq 5900
access-list WAN_pnat_inbound extended permit ip interface WAN host 192.168.50.10
pager lines 24
logging asdm informational
mtu management 1500
mtu LAN 1500
mtu WAN 1500
asdm image disk0:/asdm-507.bin
no asdm history enable
arp timeout 14400
global (WAN) 10 interface
nat (management) 10 0.0.0.0 0.0.0.0
nat (LAN) 10 0.0.0.0 0.0.0.0
static (LAN,WAN) tcp interface 5900 192.168.50.100 5900 netmask 255.255.255.255
route WAN 0.0.0.0 0.0.0.0 78.32.75.130 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
username admin password CUz5OFKpeU8HmzHh encrypted privilege 15
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 0.0.0.0 0.0.0.0 management
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd address 192.168.50.100-192.168.50.110 LAN
dhcpd dns 195.74.102.146 195.74.102.147
dhcpd lease 3600
dhcpd ping_timeout 50
dhcpd auto_config LAN
dhcpd enable management
dhcpd enable LAN
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
Cryptochecksum:ee7e2a24dd5fe5406dd99af2926d9d14
: end
ciscoasa#
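
An added example (not part of the original post, and not the accepted solution) of a check to run over a configuration like the one above: it lists each access-list, whether an access-group statement applies it to an interface, and whether a permit rule accepts any source address. The function names are assumptions, and the sample is a constructed excerpt of the posted lines.

```python
# Added example: flags ASA access-lists that are defined but never applied.
SAMPLE_CONFIG = """\
access-list outside__in extended permit tcp any interface WAN eq 5900
access-list WAN_pnat_inbound extended permit ip interface WAN host 192.168.50.10
global (WAN) 10 interface
nat (LAN) 10 0.0.0.0 0.0.0.0
static (LAN,WAN) tcp interface 5900 192.168.50.100 5900 netmask 255.255.255.255
"""  # excerpt constructed from the configuration posted above


def audit_acls(config):
    """Map each ACL name to where it is bound/used and its permit rules with source 'any'."""
    lines = [ln.split() for ln in config.splitlines() if ln.strip()]
    report = {}
    for tok in lines:
        if tok[0] != "access-list" or len(tok) < 3:
            continue
        entry = report.setdefault(
            tok[1], {"bound": [], "used_elsewhere": False, "permit_any_src": []})
        # Extended ACE layout: permit|deny <protocol> <source> ... (plain protocol keyword only)
        rule = tok[3:] if tok[2] == "extended" else []
        if len(rule) >= 3 and rule[0] == "permit" and rule[2] == "any":
            entry["permit_any_src"].append(" ".join(rule))
    for tok in lines:
        if tok[0] == "access-group" and len(tok) >= 5 and tok[1] in report:
            # access-group <acl> in|out interface <nameif>
            report[tok[1]]["bound"].append((tok[2], tok[4]))
        elif tok[0] != "access-list":
            # Any other reference, e.g. "nat (...) 0 access-list <acl>" or "match access-list <acl>"
            for name in report:
                if name in tok[1:]:
                    report[name]["used_elsewhere"] = True
    return report


def findings(config):
    out = []
    for name, e in audit_acls(config).items():
        if not e["bound"] and not e["used_elsewhere"]:
            out.append(f"{name}: defined but not applied by access-group or referenced elsewhere")
        for rule in e["permit_any_src"]:
            out.append(f"{name}: permits any source address: {rule}")
    return out


if __name__ == "__main__":
    for line in findings(SAMPLE_CONFIG):
        print(line)
    # Constructed comparison line (not from the post): bind the ACL to the WAN interface.
    fixed = SAMPLE_CONFIG + "access-group outside__in in interface WAN\n"
    print(audit_acls(fixed)["outside__in"]["bound"])
```

On the ASA itself, "show run access-group" lists the bindings this check looks for.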
03.10.2008 at 04:50AM PDT, ID: 21085501

Solution Provided By: MrHusy
Participating Experts: 2
Solution Grade: A
 
 
 