Introduction:

The Cisco ASA firewall can be challenging to work with, and using the CLI can be difficult. However, basic configuration can still be done using the ASDM GUI. Since I don’t have a lot of time and energy to research the Cisco ASA firewall in-depth, I’m documenting the setup steps to avoid having to start from scratch again after a long time.

In this example, we will configure NAT (port forwarding) for three NVRs (CCTV recorders) on the Cisco ASA 5512-X firewall to allow access from the outside network. Details are shown in the following diagram.


Cisco_ASA_NAT


Configuration Example:

Screenshots with minimal annotations.

Objects
  • Network Objects (Creating network objects)

ADD_2022-01-19_104308

NR01_2022-01-19_104042

NR02_2022-01-19_104048

NR03_2022-01-19_104053

ALL_2022-01-19_104141

  • Service Objects (Creating service objects)

ADD_Services_2022-01-19_091348

Port_Internal_2022-01-19_104015

Port_Public01_2022-01-19_104023

Port_Public02_2022-01-19_104028

Port_Public03_2022-01-19_104034

ALL_Services_2022-01-19_104143


NAT Rules

Creating NAT rules using Objects.

NAT01_2022-01-19_104406

Public_37 (Network Object) is the previously created Public IP address 209.118.222.13.

NAT02_2022-01-19_104412

NAT03_2022-01-19_104417

NAT_ALL_2022-01-19_104358


Access Rules

Access rules are necessary to allow access from the outside network to the internal devices.

Access_Rule01_2022-01-19_104428

Access_Rule02_2022-01-19_104433
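For reference, here is a CLI equivalent of the Objects, NAT Rules and Access Rules steps above. It is an added example in ASA 8.3+ syntax, not configuration taken from the original post. Only Public_37 and 209.118.222.13 come from the page; the other object names follow the screenshot titles, and the interface names, internal addresses, ports, ACL name and the TRUSTED_VIEWERS source range are assumed placeholders.

```cisco
! Added example: assumed values are marked; replace them with your own.

! --- Network objects ---
object network Public_37
 host 209.118.222.13
! Internal NVR addresses below are placeholders (assumption)
object network NR01
 host 192.168.10.11
object network NR02
 host 192.168.10.12
object network NR03
 host 192.168.10.13

! --- Service objects (port numbers are placeholders) ---
! In manual NAT the real and mapped services are written as the
! source port of the internal host.
object service Port_Internal
 service tcp source eq 8000
object service Port_Public01
 service tcp source eq 8001
object service Port_Public02
 service tcp source eq 8002
object service Port_Public03
 service tcp source eq 8003

! --- NAT rules: one static port translation per NVR ---
nat (inside,outside) source static NR01 Public_37 service Port_Internal Port_Public01
nat (inside,outside) source static NR02 Public_37 service Port_Internal Port_Public02
nat (inside,outside) source static NR03 Public_37 service Port_Internal Port_Public03

! --- Access rules ---
! From ASA 8.3 on, the ACL matches the real (internal) address and
! port, not the public IP and public port.
! TRUSTED_VIEWERS is a hypothetical source range: limiting who may
! reach the recorders is safer than permitting "any".
object network TRUSTED_VIEWERS
 subnet 198.51.100.0 255.255.255.0
object-group network NVR_ALL
 network-object object NR01
 network-object object NR02
 network-object object NR03
access-list outside_access_in extended permit tcp object TRUSTED_VIEWERS object-group NVR_ALL eq 8000
access-group outside_access_in in interface outside
```

After applying it, `show nat detail` and `show access-list outside_access_in` show the translations and the rule hit counts, which confirms that each public port maps to the intended recorder.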


Conclusion:

This example covers the basic configuration of the ASA firewall, with a focus on understanding the basic relationship between Objects, NAT, and Access Rules. This will make it easier to configure firewalls from different vendors in the future.