PAT can be accomplished 2 ways – by network object or by service object.
These notes are based on trying to get a port or group of ports to forward from the outside interface to a host behind the DMZ interface on a 5505 running 8.4:
Single Port – web server example
Use network object. Add an access list rule with:
Interface:outside
Source: any
Destination: LAN IP address of server (i.e. your internal IP address of the web server, etc)
Service: www
Now add a NAT rule – Add Network Object Rule
Name: something descriptive More »