*Coder Blog

Life, Technology, and Meteorology

ASA Port Forwarding

I came across the first less-than-trivial configuration situation on the ASA router this morning—port forwarding. On consumer routers, this is absolutely simple to setup, just specify what port number you want to forward and select the internal IP to forward it to. On the ASA, it’s a bit more complicated, and I decided to document it here in case anyone is Googling around for an answer. For this example, we are forwarding incoming traffic on port 8080 to a device on the internal network using the same port number.

First, you have to add the port to be forwarded to the outside interface’s access list. In ADSM, go to the Configuration panel under the Firewall section. Then click on Access Rules, and select the outside interface in the table. Click the Add button. Here, use the following settings:

  • Interface: outside
  • Action: Permit
  • Source: any
  • Destination: any
  • Service: tcp/8080 (or any other port number you would like to forward)
  • Description: (optional)
  • Enable Logging: (optional)

Click OK to add the access rule. Then click Apply at the bottom to upload the configuration to the router. In the end, it should look like this:

Now that we are allowing traffic on that port, we need to tell the router where to send the traffic. Click on the NAT Rules section and click the Add button to add a Static NAT Rule, using the following settings:

  • Original Interface: inside
  • Original Source: 192.168.1.5 (replace with internal IP)
  • Translated Interface: outside
  • Translated IP: Use Interface IP Address
  • Enable Port Address Translation (PAT)
  • PAT Protocol: TCP
  • PAT Original Port: 8080 (replace with your port, on the outside interface)
  • PAT Translated Port: 8080 (replace with your port, on the internal device)

Again, hit OK to add the NAT rule and apply the settings to the router. It should look like this:

That’s it, you’re done!

2 Comments

  1. Thank you for you sharing information. I also have anotherbest resource for people who want to search online internet-dictionary.
    Please check out this Tcp Ip Port Numbers Internet Dictionary
    Thank you for you sharing information.

  2. Dude, thank you. Very simple walkthrough.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2020 *Coder Blog

Theme by Anders NorenUp ↑