I have a spare public IP that I have set up a static NAT translation to a server on our inside network.
object-group service DM_INLINE_SERVICE_1
service-object tcp eq www
service-object tcp eq https
access-list inside_access_in extended permit ip any any
access-list outside extended permit object-group DM_INLINE_SERVICE_1 any host 220.127.116.11
pager lines 24
logging asdm informational
mtu management 1500
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp 18.104.22.168 www 192.168.50.5 www netmask 255.255.255.255
static (inside,outside) tcp 22.214.171.124 https 192.168.50.5 https netmask 255.255.255.255
access-group inside_access_in in interface inside control-plane
access-group outside in interface outside
The connection is denied by the ASA. The logs are suggesting an IP Spoof.
2 Sep 10 2010 05:28:18 106016 Deny IP spoof from (126.96.36.199) to 188.8.131.52 on interface outside
It is saying the destination IP address is 0 ???....