ASA 5505 multiple ports forwarded to same destination port

By kraszilaci ·

I tried to configure port forwarding on ASA5505 software version 8.2(5) from the outside interface to one inside ip.

I made a static statement like this:
static (inside,outside) tcp interface www x.x.x.1 www netmask

(x.x.x.1 is the internal ip)
This works like a charm.

Then i tried to add the second translation:
static (inside,outside) tcp interface 8080 x.x.x.1 www netmask

I got an error message:

[ERROR] static (inside,outside) tcp interface 8080 x.x.x.1 www netmask tcp 0 0 udp 0
duplicate of existing static
TCP inside.x.x.1/www to outside: netmask

Is it possible to forward from different outside ports to the same? If yes, then how?

Thanks in advance!

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

hint: Access Control List

by CG IT In reply to ASA 5505 multiple ports f ...

Create an ACL that allows any inbound [external interface] traffic on port 8080 to your internal server/PC/whathaveyou. also remember the explicit deny statement at the end of any ACL on Cisco routers.

Collapse -

You can't have port 8080 going to the same port

by Charles Bundy In reply to ASA 5505 multiple ports f ...

On x.x.x.1 as the former rule already has www (port 80) mapped to port 80. Try

static (inside,outside) tcp interface 8080 x.x.x.1 8080 netmask

NOTE: I'm assuming www is an alias to the well known service ports, otherwise YMMV. Also make sure httpd is listening on 8080 and that the firewall on x.x.x.1 passes traffic.

Collapse -

Reponse To Answer

by kraszilaci In reply to You can't have port 8080 ...


Thanks for your help. The solution was to enable the same server to listen on other port and create another static route.


Related Discussions

Related Forums