
passing ike through an ASA 5520 to another internal fw

SteveB
I have a software vendor who has a firewall on their equipment within our private network. They need to have ports 500 and 4500 opened incoming on our ASA to allow traffic to go to the inside IP of their firewall device.

How would I go about doing this? Would I have to do a static mapping between the outside interface and the private IP of the firewall device? Would I then create an access list to allow it?

Zakkas
Yes, if they are initiating the connection from the outside to their server inside your network, you will have to create a static mapping for that internal server's IP address to an outside IP address. Then, on the access-list that filters inbound connections from the outside, you would have to add entries for the mapped IP address allowing connections from the vendor's device on the outside on (I think it's UDP port 4500 and TCP 500) but I'm not 100% sure. I could have the ports backwards.
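
As an added example (not part of either post above), the static mapping and inbound access list discussed in this thread could look like the following on an ASA running software earlier than 8.3. All addresses and the ACL name `outside_in` are constructed placeholders; the ports follow the IPsec standards, where IKE runs on UDP 500 and NAT traversal on UDP 4500.

```cisco
! Constructed values (documentation address ranges), assumptions for illustration:
!   198.51.100.10   vendor's peer on the outside
!   203.0.113.20    spare public address owned by the ASA's outside network
!   192.168.10.50   inside address of the vendor's firewall
!   outside_in      hypothetical name of the ACL bound inbound on "outside"
! Syntax shown is for ASA software before 8.3. From 8.3 on, NAT is written
! with "object network ... nat (inside,outside) static ..." and the ACL
! must reference the real (inside) address instead of the mapped one.

! One-to-one static translation: public address -> vendor firewall
static (inside,outside) 203.0.113.20 192.168.10.50 netmask 255.255.255.255

! Permit only the vendor's peer, and only IKE (UDP 500) and NAT-T (UDP 4500).
! Because the inside firewall sits behind NAT, the peers detect this during
! IKE and carry ESP inside UDP 4500, so no separate ESP entry is added here.
access-list outside_in extended permit udp host 198.51.100.10 host 203.0.113.20 eq isakmp
access-list outside_in extended permit udp host 198.51.100.10 host 203.0.113.20 eq 4500

! Bind the ACL inbound on the outside interface. If an ACL is already bound
! there, add the two entries to that ACL instead of binding a new one.
access-group outside_in in interface outside
```

`show xlate` confirms the translation exists, and `show access-list outside_in` shows per-entry hit counts once the vendor's peer starts negotiating.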
