Cisco ASA 5505 User Manual

Page 1654

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Port Forwarding

Step 3

port-forward {list_name local_port remote_server remote_port description}

Example:

hostname(config)# webvpn
hostname(config-webvpn)# port-forward SalesGroupPorts 20143 IMAP4Sserver 143 Get Mail
hostname(config-webvpn)# port-forward SalesGroupPorts 20025 SMTPSserver 25 Send Mail
hostname(config-webvpn)# port-forward SalesGroupPorts 20022 DDTSserver 22 DDTS over SSH
hostname(config-webvpn)# port-forward SalesGroupPorts 20023 Telnetserver 23 Telnet

Adds a port forwarding entry to a list.

list_name—Name for a set of applications
(technically, a set of forwarded TCP ports) for
users of clientless SSL VPN sessions to access.
The ASA creates a list using the name you enter
if it does not recognize it. Otherwise, it adds the
port forwarding entry to the list. Maximum 64
characters.

local_port—Port that listens for TCP traffic for
an application running on the user’s computer.
You can use a local port number only once for
each port forwarding list. Enter a port number in
the range 1-65535 or port name. To avoid
conflicts with existing services, use a port
number greater than 1024.

remote_server—DNS name or IP address of the
remote server for an application. The IP address
can be in IPv4 or IPv6 format. We recommend a
DNS name so that you do not have to configure
the client applications for a specific IP address.

Note: The DNS name must match the one assigned
to the tunnel group to establish the tunnel
and resolve to an IP address, per the
instructions in the previous section. The
default setting for both the domain-name group
and dns-group commands described
in that section is DefaultDNS.

remote_port—Port to connect to for this
application on the remote server. This is the
actual port the application uses. Enter a port
number in the range 1-65535 or port name.

description—Application name or short
description that displays on the end user Port
Forwarding Java applet screen. Maximum 64
characters.

The example above shows how to create a port forwarding
list called SalesGroupPorts that provides access to these
applications.

Step 4

(Optional)

no port-forward list_name local_port

Removes an entry from the list, specifying both the
list and the local port.
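
The following is an added example, not part of the Cisco guide: a small Python linter that checks port-forward entries against the limits stated in Step 3 (64-character list name and description, ports in 1-65535, local port above 1024, each local port used once per list). The sample configuration is constructed, the function names are hypothetical, and port names are accepted without being resolved to numbers.

```python
import re

# port-forward list_name local_port remote_server remote_port description
ENTRY = re.compile(r"^\s*port-forward\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*(.*)$")

# Constructed sample (not from the guide), laid out as the entries might
# appear in a saved configuration; lines 4-6 deliberately break the rules.
SAMPLE = """\
webvpn
 port-forward SalesGroupPorts 20143 IMAP4Sserver 143 Get Mail
 port-forward SalesGroupPorts 20025 SMTPSserver 25 Send Mail
 port-forward SalesGroupPorts 20143 DDTSserver 22 DDTS over SSH
 port-forward SalesGroupPorts 23 Telnetserver 23 Telnet
 port-forward SalesGroupPorts 70000 Telnetserver 23 Telnet
"""

def parse_port(value, label, lineno, findings):
    """Return the port as int, or None for a port name (names are not resolved here)."""
    if not value.isdecimal():
        return None
    port = int(value)
    if not 1 <= port <= 65535:
        findings.append((lineno, f"{label} {port} is outside 1-65535"))
    return port

def lint_port_forward(config_text):
    """Return (line_number, message) findings for port-forward entries."""
    findings, seen = [], {}
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = ENTRY.match(line)
        if not m:
            continue  # also skips "no port-forward ..." removals
        name, lport, _server, rport, desc = m.groups()
        if len(name) > 64:
            findings.append((lineno, "list_name exceeds 64 characters"))
        if len(desc.strip()) > 64:
            findings.append((lineno, "description exceeds 64 characters"))
        local = parse_port(lport, "local_port", lineno, findings)
        parse_port(rport, "remote_port", lineno, findings)
        if local is not None and 1 <= local <= 1024:
            findings.append((lineno, f"local_port {local} is not greater than 1024"))
        key = (name, local if local is not None else lport)
        if key in seen:
            findings.append((lineno, f"local_port {lport} already used in {name} on line {seen[key]}"))
        else:
            seen[key] = lineno
    return findings

if __name__ == "__main__":
    for lineno, message in lint_port_forward(SAMPLE):
        print(f"line {lineno}: {message}")
```
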
