i have a public ip 22.214.171.124 and i mapped with two ports 30000 & 30001 for accessing SAP application from outside of our network (Remote desktop is working)
access-list 101 extended permit tcp any host 126.96.36.199 eq 30000
access-list 101 extended permit tcp any host 188.8.131.52 eq 30001
static (inside,outside) tcp interface 30000 10.10.3.6 30000 netmask 255.255.255.255
static (inside,outside) tcp interface 30001 10.10.3.6 30001 netmask 255.255.255.255
But still iam unable to access
Looking forwrad to your response.
I would go to the ASA ASDM Monitor section and monitor connection attempts using those services.
See if anything is getting blocked by the firewall and what happens to the connection attempts. Check that the current ACL statements are getting "hitcount".
The configurations seem to be correct.
Maybe you are missing some ports that need to be forwarded also.
Do you mean that you have not used ASDM so far at all?
You should see if you have an ASDM file configured on the CLI with the command "show run asdm"
It should list an ASDM image file that is being used at the moment.
Otherwise it needs to be added with "asdm image flash:/
Use the command "dir flash:/" to see what ASDM image files your ASA holds
Yes i have not used ASDM so far..
Firewall-HO1# sh run asdm
asdm image disk0:/asdm-508.bin
no asdm history enable
Firewall-HO1# dir flash:/
Directory of disk0:/
84 -rwx 5548032 00:05:14 Jan 01 2003 asa708-k8.bin
10 drwx 8192 21:40:52 Jul 21 2009 crypto_archive
85 -rwx 6163744 21:53:18 Jul 21 2009 asdm-508.bin
87 -rwx 8515584 00:22:34 Sep 20 2003 asa724-k8.bin
88 -rwx 15261696 00:28:52 Sep 20 2003 asa823-11-k8.bin
89 -rwx 18527 00:29:40 Sep 20 2003 backup70.cfg
3 drwx 8192 23:19:00 Sep 19 2003 log
11 drwx 8192 23:19:36 Sep 19 2003 coredumpinfo
255426560 bytes total (219357184 bytes free)
I am not sure if your only ASDM versin will work with the ASA software (if you are currently using ASA software 8.2(3)) You might need some version 6.x version of ASDM or newer.
You should be able to install ASDM by connecting to a LAN interface IP address of the ASA with http/https
Though you will need to have configurations for it
http server enable
Where the souce network and interface are the ones behind which your computer is which is used to attempt the ASDM management.
I dont use ASDM much myself. I mostly use it for looking through realtime logs and troubleshooting in general. But not really for configurations.
That seems to be the old SDM not the ASDM. I think SDM is only used on Cisco IOS routers.
Though I cant remember what the very old PIX GUI were called. Dont know if they used somethig else then ASDM back then. Maybe PDM?