any contact number to solve

svappaji77 · ‎05-17-2015

Hi,

We are using CISCO ASA 5505, it was configured by someone else. Now i have to add new port forward for sql server to internal server.

I have followed all steps correctly for 1433(similar to 3389 which is already exists) but still it is not working.

NAT, ACL is configured as given directions.

object network obj-192.168.10.8-1
host 192.168.10.8
object service obj-1433
service tcp source eq 1433

access-list outsidein extended permit tcp any host 192.168.10.8 eq 1433
nat (inside,outside) source static server interface service obj-1433 obj-1433

I have tried to see in monitor, but it is not showing any requests when i try for 1433. i have applied filter source ip to see in monitor.

not getting what i missed here. any help to fix the problem

thank you

appaji

johnlloyd_13 · ‎05-18-2015

hi,

what's your show version?

could you try below?

object network obj-192.168.10.8-1

no nat (inside,outside) source static server interface service obj-1433 obj-1433

nat (inside,outside) static interface service obj-1433 obj-1433

svappaji77 · ‎05-18-2015

Thanks Johnloyd for response. pl find ver details below

ASDM Version : 7.1(5)100

ASA version:8.4(3)

Device Type : ASA5505

johnlloyd_13 · ‎05-18-2015

hi,

did you try the NAT config suggested above?

svappaji77 · ‎05-18-2015

Not yet, will do after couple of hours since i am outside of that network.

but do you see any issue with commends. when i execute my commands it shows no error and i see similar lines in GUI in access list and NAT compare with working port 3389.

svappaji77 · ‎05-19-2015

Hi,

i am getting error when I run given command

nat (inside,outside) static interface service obj-1433 obj-1433
^
ERROR: % Invalid input detected at '^' marker.

any other solution to trace the issue

johnlloyd_13 · ‎05-19-2015

hi,

does your ASA has an 'outside' interface?

please post show nameif output.

svappaji77 · ‎05-19-2015

Result of the command: "show nameif"

Interface Name Security
Vlan2 outside 0
Vlan3 inside 100

johnlloyd_13 · ‎05-19-2015

hi,

did you do?

config t

object network obj-192.168.10.8-1

no nat (inside,outside) source static server interface service obj-1433 obj-1433

nat (inside,outside) static interface service obj-1433 obj-1433

svappaji77 · ‎05-19-2015

yes, i did

Result of the command: "config t"

The command has been sent to the device

Result of the command: "object network obj-192.168.10.8-1"

The command has been sent to the device

Result of the command: "no nat (inside,outside) source static server interface service obj-1433 obj-1433"

ERROR: NAT configuration not found

Result of the command: "nat (inside,outside) static interface service obj-1433 obj-1433"

nat (inside,outside) static interface service obj-1433 obj-1433
^
ERROR: % Invalid input detected at '^' marker.

svappaji77 · ‎05-19-2015

any contact number to solve this problem

it is blocking my work

not able to forward port in cisco ASA 5505