Cisco ASA5505 Not able to NAT ports appear to be closed
Posted on 2011-03-20
I am trying to NAT port 80 from my outside interface (Internet WAN) to my inside interface (local IP address 192.168.1.0)
For whatever reason when I go to grc.com and perform a port scan port 80 shows as stealth whereas it would show open if it was working.
What I do see to be open and I don't understand why is the following ports
22 - SSH
443 - Https
Is this normal should they be closed is by current config wrong???
I have created a network object as Webserver
asa5505(config)# object network Webserver
asa5505(config-network-object)# host 192.168.1.1
asa5505(config-network-object)# nat (inside,outside) static interface service tcp www www
Exit back to the root and add the access list
access-list outside_in permit tcp any interface outside eq 81
This all appears to work fine but I am not able to get access to the webpage that should work on the server behind the firewall.
I have looked at the real time log viewer to so whats happening and filtered the results by the ip address I am coming in on and see TCP access denied by ACL from xxx.xxx.xxx.xxx /1094 to outside: xxx.xxx.xxx.xxx /80
I am at a bit of a loss as what to do next
Any help would be greatly appreciated.
I will upload my running config so you will see what I am working with