sciggs
asked on
Cisco ASA 5510 - How can I map a port to another port on a connection coming from the outside? EX, http request on tcp 80 hits the firewall and then maps to 8080 on an internal server
I have a web application that is running on port 8080 in IIS on a local server. To prevent external users from having to browse to, http://externalwebaddress:8080; how can I have them browse to http://externalwebaddress which is then transversed to http://internaladdress:8080?
I'm not sure whether this is a function my firewall should perform or something in IIS?
Thanks for any help.
I'm not sure whether this is a function my firewall should perform or something in IIS?
Thanks for any help.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
For instance, I need:
external:5000 > internal server
external:37 > internal server
external:21 > internal server
externalwebsite:80 > internalwebsite:8080
When I changed my current NAT of external to internal to a PAT with 80 and 8080, even though my existing ACL were still defined, they did not seem to be active. I need both of these to work simultaneously.
external:5000 > internal server
external:37 > internal server
external:21 > internal server
externalwebsite:80 > internalwebsite:8080
When I changed my current NAT of external to internal to a PAT with 80 and 8080, even though my existing ACL were still defined, they did not seem to be active. I need both of these to work simultaneously.
Can you post the NAT statement and then we go from there.
ASKER
static (inside,outside) EXTERNALIP INTERNALIP netmask 255.255.255.255
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I just experimented with enabling PAT on a static NAT rule in the ASDM but it appears my server lost connectivity on the other ports defined by the ACL until I undid the changes.