I am trying to learn how to configure an ASA5505. I have written one access-list and one static NAT statement but I cannot get packets from outside to the host on the dmz.
The ip address on the outside interface is 126.96.36.199. The ip address on the dmz interface is 192.168.20.1.
To test I have one host, 188.8.131.52 connected to the outside interface and a second host, 192.168.20.134 connected to the dmz interface. I am running a utility called Attacker on the host in the dmz that is listening on port 110. To test I just telnet from the outside host to port 110 on the host in the dmz. So far I have been unsuccessful.
Here are my access-list and its grouping to the outside interface and my static NAT statement Am I missing something? Do I have to add184.108.40.206 to the outside interface as a virtual ip address like some firewalls or does the static nat accomplish this?
access-list OutsideToDmz extended permit tcp any host 220.127.116.11 eq pop3
access-group OutsideToDmz in interface outside
static (outside,dmz) 192.168.20.134 18.104.22.168 netmask255.255.255.255
Any suggestions will be greatly appreciated.