Hi I need help with doing a port forward for remote desktop with asa5505 9.1.1 and asdm 7.1.1 i could have done this with the previous versions of asdm but now it even more confusing
Basic command format (that you can also insert through the ASDM toolbar -> Command Line Interface)
object network STATIC-PAT
nat (inside,outside) static interface service tcp 3389 3389
access-list OUTSIDE-IN permit tcp any object STATIC-PAT eq 3389
What was your last firewall version? Was it perhaps even below 8.3?
Are you saying the NAT configuration has somehow changed? I haven't tested 9.x software yet myself. Only 8.4(x)
Whats different from the below configuration windows? (using my own ASAs interface names)
Configuration -> Firewall -> NAT Rules -> Add Network Object
LAN = "inside"
WAN = "outside"
Configuration -> Firewall -> Access Rules ->
Right Click on the Interface/ACL for your "outside" interface in the list you see and choose "Add Access Rule"
STATIC-PAT = name of the object created in the NAT configuration
Please rate if you found the information was helpfull. Also mark the question as answered (if it was).
The first picture seems to be for me the configuration for a different type of NAT rule. Not the "Network Object" type of NAT
When you have gone to Configuration -> Firewall -> NAT Rules -> Then Right Click and the below options should be visible (This unless there has been some change from 8.4 -> 9.x)
The middle one highlighted for me gives the configuration window desired.
I guess if the ACL portion of the ASDM has changed because of some change in 9.x
I assume you can just add the rules by filling the above fields which are needed (source, destination, service)
To be honest, I dont personally use the ADSM for ACL and NAT so I'm a bit (if not alot) rusty with it.
someone help please..
i need to to port forwarding for 2 LAN ips natted to single Public IP.
2 LAN ip's and their ports.
1)LAN A port 443(https)
2)LAN B ports 8080 and 80(http).
Please help guys...
Teardown TCP connection 5735645 for outside:18.104.22.168/54731 to inside:10.2.150.5/3389 duration 0:00:30 bytes 0 SYN Timeout
What's the problem?
The host 10.2.150.5 on the "inside" is not replying to the TCP Connection forming.
You should check that no local firewall on the host is blocking the connection and also check that the host is configured otherwise to allow RDP sessions to it.
Also if those are ok should confirm that the host on the "inside" has the default route back to the Internet through the ASA.
Here 22.214.171.124 wan ip address?
object network PORT-FORWARD
nat (lan,wan) static interface service tcp 3389 3389
access-list wan_access_in extended permit tcp any object PORT-FORWARD eq 3389
The IP address under the "object network" should be the local IP address of the host/server
The parameter "interface" in the "nat" configuration line specifies that the IP address of the interface "wan" will be used as the NAT IP address.
nat (lan,wan) static interface service tcp
Remember to rate helpfull answers.
I am write
object network TEST
nat (LAN,WAN) static interface service tcp 3389 3389
access-list WAN_access_in extended permit tcp any object TEST eq 3389
Teardown TCP connection 6306058 for disbacak:126.96.36.199/29128 to icbacak:10.2.150.5/3389 duration 0:00:30 bytes 0 SYN Timeout
What is he problem?