• Home
  • Cisco
  • Exchange
  • Linux
  • Navision
  • Network
  • Virtualization
  • Windows
  • About

    NAT to local IP

    One of the most common tasks is to configure a router to deliver traficĀ from the outside Internet toĀ the inside LAN. How is that done on a PIX or ASA?

    Add the basic NAT rule that makes NAT from the outside works.
    static (inside,outside) tcp interface 3389 3389 0 0
    In this example Remote Desktop (port 3389) is NAT’ed to

    If you want to use a different portĀ from the outside just change the line to
    static (inside, outside) tcp interface 3390 3389 0 0
    port 3390 is delivered to

    Now add an access rule that describes who has access. If everyone should have access use this line
    access-list allow_inbound permit tcp any interface outside eq 3389

    Finally, activate the new access-list to the outside interface.Ā 
    access-group allow_inbound in interface outside

    clear xlate