Configure port forwarding Cisco ASA 5510

Majicthise
Majicthise used Ask the Experts™
on
I want to allow access to a device on our LAN thru firewall

Basically anything that comes from IP address aaa.bbb.ccc.ddd on UDP ports
15000-15200 is to be allowed access to an internal server www.xxx.yyy.zzz.

I've added the external IP address and the internal IP address and port ranges
and allowed access. However I'm not sure what to do next. Do I use NAT rules
to map the ports over? How do I add 200 ports?

Its an ASA 5510 by the way.

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior infrastructure engineer
Top Expert 2012
Commented:
If you have an extra public ip natted exclusively to the internal server
(like static (inside,outside) outside_ip inside_ip netmask 255.255.255.255)
you can use a port range in the access list:
access-list outside_access_in extended permit udp any host outside_ip range 10000 20000

Author

Commented:
Thanks very much

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial