01-23-2014 09:23 AM - edited 03-07-2019 05:45 PM
hi all ,
ive googled alot with no benefit ,
ive tried alot with no benefit
here is y simple ASA 5505 with ios 8.4
====insidel lan==(ins)=====ASA==(outside)=============internet
i need two things :
1-i need to pat the inside lan 10.66.12.0/24 with the outside interface of the asa
also ,
2-i want to make portforward to the lan ip 10.66.12.122 for rdp
i will pasted followign config and wish somebody tell me the problem
======================================================================
object network localsubnet
subnet 10.66.12.0 255.255.255.0
description localsubnet
object network RDP-Host
host 10.66.12.122
description RDP host
object service rdp
service tcp destination eq 3389
access-list outside_in extended permit tcp any host 192.168.12.2 eq 5000
access-list outside_in extended permit tcp any host 10.66.12.122 eq 3389
access-list outside_in extended permit ip any any
nat (ins,outside) source static RDP-Host interface service rdp rdp
!
object network localsubnet
nat (ins,outside) dynamic interface
access-group outside_in in interface outside
========================================================
PAT is ok , no problems
but why i cant access the local address of 10.66.12.122 from the internet ???
i mean i put the public outside ip of the asa x.x.x.x:3389 but no luck !!!!!!!!!!1
could this an issue from ios ?
is my config right ?
how triubleshoot ??
regards
Solved! Go to Solution.
01-23-2014 10:58 AM
Did you configure the whole thing ie. not just adding the static line but also the object network bit first. It needs to be all configured as one.
Jon
01-23-2014 09:58 AM
I'm not yet entirely up to speed with ASA 8.3 NAT onwards but can you remove all your configuration for the RDP host and then try this -
object network RDP-Host
host 10.66.12.122
nat (ins,outside) static interface service tcp 3389 3389
Jon
01-23-2014 10:51 AM
hi ,
thanks alot ,
still no luck
a1(config)# nat (ins,outside) static interface service tcp 3389 3389
^
ERROR: % Invalid input detected at '^' marker.
a1(config)# nat (ins,outs
a1(config)# nat (ins,outside) ?
configure mode commands/options:
<1-2147483647> Position of NAT rule within before auto section
after-auto Insert NAT rule after auto section
source Source NAT parameters
a1(config)# nat (ins,outside)
wts going on ???
can be a feature disbaled on the ios ??
01-23-2014 10:58 AM
Did you configure the whole thing ie. not just adding the static line but also the object network bit first. It needs to be all configured as one.
Jon
01-23-2014 11:05 AM
hi ,
you are correct ,
thanks very verey vweery very very very very very much
the command as one block :
object network RDP-Host
host 10.66.12.122
nat (ins,outside) static interface service tcp 3389 3389
another question ,
i also wanto to forward http , https to another loccal host , and need to access the outside interface from the internet
which is best solution to access asa ??
change the asa http port ?
regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide