I am trying to learn how to configure an ASA5505. I have written one access-list and one static NAT statement but I cannot get packets from outside to the host on the dmz.
The ip address on the outside interface is 200.1.1.132. The ip address on the dmz interface is 192.168.20.1.
To test I have one host, 200.1.1.131 connected to the outside interface and a second host, 192.168.20.134 connected to the dmz interface. I am running a utility called Attacker on the host in the dmz that is listening on port 110. To test I just telnet from the outside host to port 110 on the host in the dmz. So far I have been unsuccessful.
Here are my access-list and its grouping to the outside interface and my static NAT statement Am I missing something? Do I have to add
200.1.1.134 to the outside interface as a virtual ip address like some firewalls or does the static nat accomplish this?access-list OutsideToDmz extended permit tcp any host 200.1.1.134 eq pop3
access-group OutsideToDmz in interface outside
static (outside,dmz) 192.168.20.134 200.1.1.134 netmask
255.255.255.255Any suggestions will be greatly appreciated.
Thanks