Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1159
Views
0
Helpful
5
Replies

Problem Configuring Public Servers and PAT in ASDM

N3t W0rK3r
Level 3
Level 3

‎03-13-2013 11:52 AM - edited ‎03-11-2019 06:13 PM

Hi,

I'm using ASDM v6.4 to configure an ASA5520 runing 8.2(5).  Trying to set up PAT using the Public Servers screen in ASDM, but there is no place for public and private service to be specified.  I only see a field for service.  Am I missing something?

Thanks in advance.

John

Labels:
0 Helpful
5 Replies 5

Jouni Forss
VIP Alumni
VIP Alumni

‎03-13-2013 12:07 PM

Hi,

Not the best person to advice on the ASDM side as I use 99% CLI on the ASA

But quickly checking the ASDM side on one of my ASAs seems to me that the section you are referring to should give the option to configure

  • Static NAT configuration
  • Define services allowed to that Static NAT IP address

You can also go to the following window on the ASDM

Configuration -> Firewall -> NAT Rules -> Click on the Add button -> Choose the rule type you want to configure

- Jouni

0 Helpful

N3t W0rK3r
Level 3
Level 3
In response to Jouni Forss

‎03-13-2013 12:14 PM

Thank you Jouni... but the documentation says there should be a field of Private Service and field for Public Service in the Add Public Server dialog, thereby fascilitating the PAT... but my dialog looks exactly like the one you show.

I guess I can go into the NAT Rules and modify the static NAT rules that are created as a result of the Public Servers creation.

John

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to N3t W0rK3r

‎03-13-2013 12:22 PM

Ah,

I think I have might have read the post wrong / Understood you wrong

Are you trying to configure Port Forward / Static PAT for your server using the public IP address of your "outside" interface?

Then you should go to the section

Configuration -> Firewall -> NAT Rules -> Add Button -> Add Static NAT Rule

It will enable you to configure the Static PAT which lets you configure the Real and Mapped port

- Jouni

0 Helpful

N3t W0rK3r
Level 3
Level 3
In response to Jouni Forss

‎03-13-2013 12:43 PM

Thanks again Jouni.  I think you understood me just fine the first time.

I am trying to confgiure a port forward from outside to inside, but the outside IP is not that of my outside interface, but one that lies in the same subnet as the outside interface.

I think I can use the Add Static NAT Rule dialog to accomplish what I need.  It's just frustrating that the Cisco documentation doesn't jive with the gui.  Click the Help button on the Public Servers dialog and you'll see what I mean.

Thanks again.

John

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to N3t W0rK3r

‎03-13-2013 12:49 PM

One reason why I only use CLI for the NAT and ACL and any other configurations I can is the reason that I can see everything with one command if needs be.

With ASDM you are jumping through multiple windows and are not quite sure what you have accomplished

Basic configuration format for Static PAT  (Port Forward) for example is

static (inside,outside) netmask 255.255.255.255

Unless I remember wrong. I have already pretty much moved to the new 8.3+ NAT format on most of the devices I configure.

- Jouni

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card