Simple NAT & security rule for ASA5520

Posted on 2007-10-12
Last Modified: 2008-01-09
Okay, so this seems like a stupid question, but for the life of me I cannot figure out what I am doing wrong.  We have a Cisco ASA5520 that I manage through the ASDM 5.1 interface.  I am trying to do a simple configuration to allow any outside traffic to NAT from a public IP address to an internet IP address  I only want port 9675 to be allowed to access that from the outside though.

That being said, the server that I am nat'ing to is on the internal interface.  What all do I need to do to accomplish this? (using the ADSM preferably)
Question by:rustyrpage
    1 Comment
    LVL 32

    Accepted Solution

    I do not know ASDM, but this is what you need; Assuming it is tcp traffic;

    static (inside,outside) tcp 9675 9675

    access-list <Name> permit tcp any host eq 9675

    access-group <Name> in interface outside

    In the above, if the protocol is udp, replace tcp whereever it occurs.

    As well, replace the acl name with whatever you have as of now.


    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Join & Write a Comment

    Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
    I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now