Seeking wisdom for a solution on something that should be relatively easy, but is proving elusive. My home network is setup like this...multiple internal Vlans (all sec-level 100) --->ASA 5505--->Edge Router--->ISP. The ASA is doing PAT for all internal networks, and the edge router is doing PAT for the ASA. All internal networks have internet access and all seems to be well going that direction.
What I'm getting stuck on is trying to setup static NAT for RDP coming in. I know it's probably not a good idea, but this is just a lab environment.
10.1.x.x = outside interface of ASA
10.1.y.y = inside host that I want to RDP to (object name CISCO_WIN7)
Edge router is doing a static translation to the outside interface of the ASA 10.1.x.x
Here's the ASA config:
ACL for RDP to reach inside host 10.1.y.y
Static NAT on ASA. CISCO_WIN7 is the object for the inside host.
Packet Tracer shows green...but still can't get through
Can anyone shed some light on what I'm doing wrong. Spent a week on this and the frustration level is high to say the least :(