Solved: Cisco ASA 5506

catdaddy6012 · ‎06-28-2016

Hello community,

I'm a Cisco novice that just attained his CCNA, however , I have no experience with the Cisco ASA appliances. I have all the basic stuff set up such as NAT, DHCP on the inside interface and things off that nature. The issue that I am having is trying to open certain ports for applications that need to be accessed from a particular address over the Internet. I would also like to allow RDP to a server on the inside network from the outside. Any help would be appreciated. Thanks. -Tony

Kornelia Gutierrez · ‎06-28-2016

Hello,

Could you please let us know which software version are you running in the ASA.

In 8.2 software version:

You will need to build an acess list and attach it to the outside interface

access-list out permit tcp host x.x.x.x host y.y.y.y eq 3389

Where:

out is the name of the acl

tcp is the protocol of the application

x.x.x.x is thespecific public ip address that is trying to reach the server

y.y.y.y is the public ip address of the server

3389 is the number of the port of the application that you are trying to allow

If you are running a post 8.3 code

access-list out permit tcp host x.x.x.x host y.y.y.y eq 3389

Where:

out is the name of the acl

tcp is the protocol of the application

x.x.x.x is thespecific public ip address that is trying to reach the server

y.y.y.y is the private ip address of the server

3389 is the number of the port of the application that you are trying to allow

Hope this helps

View solution in original post

Kornelia Gutierrez · ‎06-28-2016

Alrighty, use the second example then, the one that says post 8.3 code from 8.3 to 9.5 is the same configuration commands.

You are very welcome

View solution in original post

Kornelia Gutierrez · ‎06-28-2016

Hello,

Could you please let us know which software version are you running in the ASA.

In 8.2 software version:

You will need to build an acess list and attach it to the outside interface

access-list out permit tcp host x.x.x.x host y.y.y.y eq 3389

Where:

out is the name of the acl

tcp is the protocol of the application

x.x.x.x is thespecific public ip address that is trying to reach the server

y.y.y.y is the public ip address of the server

3389 is the number of the port of the application that you are trying to allow

If you are running a post 8.3 code

access-list out permit tcp host x.x.x.x host y.y.y.y eq 3389

Where:

out is the name of the acl

tcp is the protocol of the application

x.x.x.x is thespecific public ip address that is trying to reach the server

y.y.y.y is the private ip address of the server

3389 is the number of the port of the application that you are trying to allow

Hope this helps

catdaddy6012 · ‎06-28-2016

I am running the Cisco Adaptive Security Appliance Software version 9.5 (1) and Device Manager version 7.5 (1). Thanks some much for your speedy reply.

Kornelia Gutierrez · ‎06-28-2016

Alrighty, use the second example then, the one that says post 8.3 code from 8.3 to 9.5 is the same configuration commands.

You are very welcome