Port forwarding between VLANS on ASA 5505?

An area specifically for port forwarding, firewalls and other (on-line) security related issues.
Post Reply
speckytwat
Newbie
Newbie
Posts: 1
Joined: Tue Mar 15, 2011 12:16 pm

Port forwarding between VLANS on ASA 5505?

Post by speckytwat » Tue Mar 15, 2011 12:19 pm

Hi all, we have an ASA 5505 and I need to set up port forwarding for an unusual port number which will be used for FTP on an IIS server.

It's a bit complex as there are 3 VLANs: these are called ISP, Server and LAN-side VPN. We need to add a TCP port 8521 forward from the server's IP in Server WAN to ISP WAN VLAN with public IP address.

As far as I'm aware, normally for simple port forwarding on a 5505 I can do the following:

configure terminal
object network FTP_Server
host [IP address of the destination server]
nat (inside,outside) static interface service tcp 8521 8521
exit
access-list inbound permit tcp any object FTP_Server eq 8521
access-group inbound in interface outside
write memory

However, will this work given that we want to forward the port from the IP address of the server in the Server WAN VLAN, to a public IP address in the ISP VLAN?
mstombs
RouterTech Team
RouterTech Team
Posts: 3753
Joined: Wed Jan 10, 2007 11:54 pm

Re: Port forwarding between VLANS on ASA 5505?

Post by mstombs » Tue Mar 15, 2011 9:38 pm

Don't know anything myself, nor seen much discussion of Cisco routers here

You may get more response from a mainly UK cable modem support site:-

http://www.chetnet.co.uk
Post Reply