Skip to main content

Port Forward

(2017-02-28)

Problem

I have firewall with public IP 1.2.3.4. I need to expose ssh the private server 192.168.1.1 on IP 1.2.3.5 to the internet peer at 1.9.1.1/

Solution

conf t
object SERVER-NAT
 host 192.168.1.1
object INTERNETPEER
 host 1.9.1.1
access-list inbound_acl extended permit tcp object INTERNETPEER object SERVER-NAT eq ssh
object SERVER-NAT
 nat (any,any) static 216.208.174.120
exit

You can adjust the nat(any,any) to be something like nat(DMZ,Outside) as appropriate if you want.