So I have an ASA5506 and am trying to use the saved config file to teach myself command line usage.
I have two entries for PAT. One is for port 443 to xxxxx and the other 554 to yyyyy, both are for the same internal 192.168.0.x IP address. The saved config file shows the following two entries for the relevant access list entries:
access-list External_access_in extended permit tcp any object OBJECTNAME2 eq rtsp log notifications
access-list External_access_in extended permit tcp any object OBJECTNAME1 log notifications
So my question is that carefully checking ADSM, the NAT entry, access list entries and objects are IDENTICAL (apart for the source and destination port obviously) - But the two lines differ in that one has an "eq rasp" statement referring to the dest port, but the other does not?????? I cannot understand why the line without the EQ has this missing?
Here are the NAT statements
object network OBJECTNAME1
nat (Internal,External) static xx.xx.xx.2 service tcp rtsp xxxxx
object network OBJECTNAME2
nat (Internal,External) static xx.xx.xx.2 service tcp www xxxxx
What I cannot understand is that under ADSM the two access list entries look absolutely identical!
Please enlighten me!