Outside client unable to connect to inside SQL Server.
I'm creating a post on this because I haven't necessarily found an answer that works. We have a remote web server that has to talk to our SQL server (on our internal network). Currently our external web server is on a different ISP, and is able to talk with the SQL server through our router. I figured transferring the NAT/PAT rules and ACLs over to the ASA 5516-X would suffice (we are replacing the router with the ASA). I've tried many different NAT rules, and with each one, the packet trace on ASDM shows that the connection is allowed. The way it is set up, the firewall should be translating our public IP:portNumber and forwarding it to our SQL server. I'm not sure what else to check; all the Windows Firewall rules are correct (since it is currently talking through the router), but when replacing it with the firewall (which has similar configs in this regard) it won't authenticate and establish a connection. Please see the attached configuration and let me know what I could be doing wrong.
The exact error we are getting on Lastrock's logs is "unable to authenticate communication to xxxx on TCP port 1433" (xxxx is our ASA's outside-facing IP address); however, as mentioned earlier, the packet trace allows the connection to go all the way through.
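
The setup the post describes (the ASA translating public IP:1433 to the inside SQL server), sketched as an added example that is not part of the original post or its attached configuration. It assumes ASA 8.3+ object NAT syntax and interfaces named `inside` and `outside`; every address and every object, ACL and capture name is a constructed placeholder.

```cisco
! Placeholders (constructed, not from the post):
!   10.10.10.50   = SQL server real (inside) address
!   198.51.100.2  = ASA outside interface address
!   203.0.113.25  = remote web server public address

! Static PAT: outside-interface:1433 -> SQL server:1433
object network SQL-SERVER
 host 10.10.10.50
 nat (inside,outside) static interface service tcp 1433 1433

! On ASA 8.3 and later the interface ACL is matched against the REAL
! (untranslated) destination, so the rule names the inside host, not
! the public address. Restrict the source to the one web server.
access-list OUTSIDE_IN extended permit tcp host 203.0.113.25 object SQL-SERVER eq 1433
access-group OUTSIDE_IN in interface outside

! packet-tracer simulates a single packet against the configuration.
! It does not show whether real traffic and its replies traverse the box.
packet-tracer input outside tcp 203.0.113.25 50000 198.51.100.2 1433 detailed

! Checks against live traffic while the web server retries:
show nat detail
show xlate
show conn port 1433

! Capture both sides to see whether the SYN arrives on outside, leaves
! translated on inside, and whether the server's SYN-ACK comes back
! through the ASA.
capture CAP_OUT interface outside match tcp host 203.0.113.25 any eq 1433
capture CAP_IN interface inside match tcp any host 10.10.10.50 eq 1433
show capture CAP_OUT
show capture CAP_IN

! Remove the captures when finished.
no capture CAP_OUT
no capture CAP_IN
```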