CISCO PAT 2 different outside ports, on one ip-address, to 1 inside port on one ip-address

Question

I have a problem with our new corporate CISCO ASA5510 firewall. With our old firewall it was possible to do the following PAT:

outside     -> inside
1.1.1.1:22  -> 192.168.1.2:22
1.1.1.1:443 -> 192.168.1.2:22

How can I do the same on the CISCO box? I need this because of another firewall (not under my control) that don't allow anything out on port 22.

Yours Rune Henssel

score 0 · Answer 1 · answered Apr 04 '11 at 16:39

0

Unless I am missing something, you should just be able to use static nat rules:

static (inside,outside) tcp 1.1.1.1 22 192.168.1.2 22 netmask 255.255.255.255 static (inside,outside) tcp 1.1.1.1 443 192.168.1.2 22 netmask 255.255.255.255

answered Apr 04 '11 at 16:39

Jon Reeves

438
2
7

That just gives me an this: static (inside,outside) tcp 1.1.1.1 22 192.168.1.2 22 netmask 255.255.25 ^5.255 ERROR: % Invalid input detected at '^' marker. – Rune Henssel Apr 04 '11 at 17:46

CISCO PAT 2 different outside ports, on one ip-address, to 1 inside port on one ip-address

1 Answers1