cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

417
Views
0
Helpful
7
Replies
mr.imranmohd
Beginner

Cisco ASA 5510 - Port mapping

Hi friends,

i have a public ip 78.93.110.101 and i mapped with two ports 30000 & 30001 for accessing SAP application from outside of our network (Remote desktop is working)

access-list 101 extended permit tcp any host 78.93.110.101 eq 30000

access-list 101 extended permit tcp any host 78.93.110.101 eq 30001

static (inside,outside) tcp interface 30000 10.10.3.6 30000 netmask 255.255.255.255

static (inside,outside) tcp interface 30001 10.10.3.6 30001 netmask 255.255.255.255

But still iam unable to access

Looking forwrad to your response.

7 REPLIES 7
Jouni Forss
Mentor

Hi,

I would go to the ASA ASDM Monitor section and monitor connection attempts using those services.

See if anything is getting blocked by the firewall and what happens to the connection attempts. Check that the current ACL statements are getting "hitcount".

The configurations seem to be correct.

Maybe you are missing some ports that need to be forwarded also.

- Jouni

Can you please tell me how to configure ASA ASDM

Hi,

Do you mean that you have not used ASDM so far at all?

You should see if you have an ASDM file configured on the CLI with the command "show run asdm"

It should list an ASDM image file that is being used at the moment.

Otherwise it needs to be added with "asdm image flash:/.bin"

Use the command "dir flash:/" to see what ASDM image files your ASA holds

- Jouni

Yes i have not used ASDM so far..

Firewall-HO1# sh run asdm
asdm image disk0:/asdm-508.bin
no asdm history enable

Firewall-HO1# dir flash:/

Directory of disk0:/

84     -rwx  5548032     00:05:14 Jan 01 2003  asa708-k8.bin
10     drwx  8192        21:40:52 Jul 21 2009  crypto_archive
85     -rwx  6163744     21:53:18 Jul 21 2009  asdm-508.bin
87     -rwx  8515584     00:22:34 Sep 20 2003  asa724-k8.bin
88     -rwx  15261696    00:28:52 Sep 20 2003  asa823-11-k8.bin
89     -rwx  18527       00:29:40 Sep 20 2003  backup70.cfg
3      drwx  8192        23:19:00 Sep 19 2003  log
11     drwx  8192        23:19:36 Sep 19 2003  coredumpinfo

255426560 bytes total (219357184 bytes free)

Hi,

I am not sure if your only ASDM versin will work with the ASA software (if you are currently using ASA software 8.2(3)) You might need some version 6.x version of ASDM or newer.

You should be able to install ASDM by connecting to a LAN interface IP address of the ASA with http/https

Though you will need to have configurations for it

http server enable

http

Where the souce network and interface are the ones behind which your computer is which is used to attempt the ASDM management.

I dont use ASDM much myself. I mostly use it for looking through realtime logs and troubleshooting in general. But not really for configurations.

- Jouni

http server enable

http 10.10.204.146 255.255.255.255 inside

Then i have installed the Cisco SDM

Hi,

That seems to be the old SDM not the ASDM. I think SDM is only used on Cisco IOS routers.

Though I cant remember what the very old PIX GUI were called. Dont know if they used somethig else then ASDM back then. Maybe PDM?

- Jouni

Content for Community-Ad