Port Forwarding on cisco asa5525X port 3389

walterfernandezgonzalez1 · ‎04-20-2015

i write from Venezuela I Need open port 3389 in my net local

I want open port 3389

My settings d team is this that I hit bottom. but I 've done everything and nothing works to use RDP terminal service on my network

I can not use port 3389
I should do there I leave my setting

hostname firecolegio
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address dhcp setroute
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!

ftp mode passive
object network INSIDE_subnet
subnet 192.168.1.0 255.255.255.0
object network STATIC-PAT
host 192.168.1.0
object-group icmp-type allow_icmp
icmp-object echo-reply
icmp-object time-exceeded
icmp-object unreachable
icmp-object traceroute
access-list INBOUND extended permit icmp any any
access-list INBOUND extended permit icmp any any object-group allow_icmp
access-list OUTSIDE-IN extended permit tcp any object STATIC-PAT eq 3389

Andre Neethling · ‎04-21-2015

Do you have any NAT configured? Did you apply the access-list to an interface with the "access-group" command? What is the host you are trying to allow 3389 to?

walterfernandezgonzalez1 · ‎04-21-2015

The HOST which want to output port 3389 is the address 192.168.1.10 inside

Andre Neethling · ‎04-21-2015

Where is your access-group statement. Where is your NAT statement? The network object host in your config is 192.168.1.0....... Please check?

walterfernandezgonzalez1 · ‎04-22-2015

my host its 192.168.1.10 NO 192.168.1.0

I was wrong to write

Andre Neethling · ‎04-22-2015

Are you using NAT? Where did you apply the access-list?

walterfernandezgonzalez1 · ‎04-23-2015

yes I use...

nat (inside,outside) static interface service tcp 3389 3389