xtremereality
asked on
port redirection on cisco asa 5520
Hi all,
I am struggling a little bit opening some port on my asa 5520.
I have a voip server on 192.168.1.8.
I need to open the UDP ports range 9000-9500 in the firewall and redirect them to 192.168.1.8.
Can someone please pointing me to a solution either with CLI or ADMS?
Thanks in advance.
I am struggling a little bit opening some port on my asa 5520.
I have a voip server on 192.168.1.8.
I need to open the UDP ports range 9000-9500 in the firewall and redirect them to 192.168.1.8.
Can someone please pointing me to a solution either with CLI or ADMS?
Thanks in advance.
ASKER
Mi Max,
I have ASA 9.1 and ASDM 7.5
I have ASA 9.1 and ASDM 7.5
Hi,
change the following with the real public ip address you will nat on your ASA (I use 1.2.3.4 for example).
object network obj_VOIPSERVER
host 192.168.1.8
object network obj_VOIPSERVER
nat (inside,outside) static 1.2.3.4 dns
object-group service VOIPSERVER_PORTS udp
port-object range 9000 9500
access-list inbound extended permit udp any host 192.168.1.8 object-group WEBTV_UDP_PORTS
access-group inbound in interface outside
that's it ...
hope this helps
max
change the following with the real public ip address you will nat on your ASA (I use 1.2.3.4 for example).
object network obj_VOIPSERVER
host 192.168.1.8
object network obj_VOIPSERVER
nat (inside,outside) static 1.2.3.4 dns
object-group service VOIPSERVER_PORTS udp
port-object range 9000 9500
access-list inbound extended permit udp any host 192.168.1.8 object-group WEBTV_UDP_PORTS
access-group inbound in interface outside
that's it ...
hope this helps
max
ASKER
Thanks Max,
I am not sure about this?
nat (inside,outside) static 1.2.3.4 dns <-- DNS?
I guess here:
access-list inbound extended permit udp any host 192.168.1.8 object-group WEBTV_UDP_PORTS <-- You meant VOIPSERVER_PORTS?
I am not sure about this?
nat (inside,outside) static 1.2.3.4 dns <-- DNS?
I guess here:
access-list inbound extended permit udp any host 192.168.1.8 object-group WEBTV_UDP_PORTS <-- You meant VOIPSERVER_PORTS?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
which ASA IOS release do you have ?
max