05-17-2015 03:50 PM - edited 03-08-2019 12:02 AM
Hi,
We are using CISCO ASA 5505, it was configured by someone else. Now i have to add new port forward for sql server to internal server.
I have followed all steps correctly for 1433(similar to 3389 which is already exists) but still it is not working.
NAT, ACL is configured as given directions.
object network obj-192.168.10.8-1
host 192.168.10.8
object service obj-1433
service tcp source eq 1433
access-list outsidein extended permit tcp any host 192.168.10.8 eq 1433
nat (inside,outside) source static server interface service obj-1433 obj-1433
I have tried to see in monitor, but it is not showing any requests when i try for 1433. i have applied filter source ip to see in monitor.
not getting what i missed here. any help to fix the problem
thank you
appaji
05-18-2015 01:08 AM
hi,
what's your show version?
could you try below?
object network obj-192.168.10.8-1
no nat (inside,outside) source static server interface service obj-1433 obj-1433
nat (inside,outside) static interface service obj-1433 obj-1433
05-18-2015 07:51 AM
Thanks Johnloyd for response. pl find ver details below
ASDM Version : 7.1(5)100
ASA version:8.4(3)
Device Type : ASA5505
05-18-2015 08:18 AM
hi,
did you try the NAT config suggested above?
05-18-2015 08:56 AM
Not yet, will do after couple of hours since i am outside of that network.
but do you see any issue with commends. when i execute my commands it shows no error and i see similar lines in GUI in access list and NAT compare with working port 3389.
05-19-2015 08:40 PM
Hi,
i am getting error when I run given command
nat (inside,outside) static interface service obj-1433 obj-1433
^
ERROR: % Invalid input detected at '^' marker.
any other solution to trace the issue
05-19-2015 08:55 PM
hi,
does your ASA has an 'outside' interface?
please post show nameif output.
05-19-2015 08:57 PM
Result of the command: "show nameif"
Interface Name Security
Vlan2 outside 0
Vlan3 inside 100
05-19-2015 09:00 PM
hi,
did you do?
config t
object network obj-192.168.10.8-1
no nat (inside,outside) source static server interface service obj-1433 obj-1433
nat (inside,outside) static interface service obj-1433 obj-1433
05-19-2015 09:03 PM
yes, i did
Result of the command: "config t"
The command has been sent to the device
Result of the command: "object network obj-192.168.10.8-1"
The command has been sent to the device
Result of the command: "no nat (inside,outside) source static server interface service obj-1433 obj-1433"
ERROR: NAT configuration not found
Result of the command: "nat (inside,outside) static interface service obj-1433 obj-1433"
nat (inside,outside) static interface service obj-1433 obj-1433
^
ERROR: % Invalid input detected at '^' marker.
05-19-2015 09:11 PM
any contact number to solve this problem
it is blocking my work
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide