Showing results for 
Search instead for 
Did you mean: 

Why is this so difficult? (Port Forwarding)


Having just come from a business that used Meraki devices, I feel like port forwarding on the Cisco ASA is beyond painful.  Why even make a GUI for a device if it doesn't help the user accomplish the tasks in an easier fashion?  /rant

What I have:

ASA 5505 running:

ASA 9.1(4)

ASDM 7.1(5)100

What I'm looking to do:

Forward all traffic that hits 3389 on my outside ip (lets just say to 3389 on using ASDM.

The biggest problem I am facing is that I have the latest version of both peices of software.  Everywhere I am looking shows different screens and menus than I have on my ASDM. 

I would normally just call support but they goofed up our contract and I'm waiting for our reseller to correct it all, which is taking way too long. Please, please please any help would be greatly appreciated.  Thanks for any time you spend responding!

Here are two screen shots of my current ASDM:

4 Replies 4

Jon Marshall
VIP Community Legend VIP Community Legend
VIP Community Legend


I appreciate this is not a direct answer to your question so i run the risk of another rant   but personally i have always found ASDM to be rather difficult.

Could you possibly do it from the CLI ie. -

object network


nat (inside,outside) static   service tcp 3389 3389

then allow access to the server/port in your acl on the outside interface. Note you use the private IP ie. in the acl.


I would have to setup the SSH service to get to the command line don't I? I tried looking up that this morning and was unable to find good documentation on that process as well.  I'm about to downgrade this thing to an older firmware and ASDM. Hah! 

Seriously though thanks for the response.  I'm very unfamilar with the CLI, having come from Meraki and Sonicwalls i've never had to touch anything like it.  It does look straight forward enough though.  Do the changes you make in the CLI affect ASDM?  How do you check your work?