Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
450
Views
0
Helpful
0
Replies

ASA 5505. Unable to RDP any computer from outside

GQconnection
Level 1
Level 1

‎01-21-2014 12:14 PM

Having some trouble connecting to the servers through the ASA 5505 with RDP from the outside network. I can ping the router outside address but i cannot ping any other outside address i assigned to the servers. I've tried different natting conf and routes but still the outside address is not getting translated to the inside address and I cannot access the server inside from my outside. Help!!!

ASA Version 8.2(5)

!

hostname Kronos-Router

domain-name VIBDomain.Com

enable password DfAs0PFRiL encrypted

passwd DfAs0PFRiL encrypted

names

name 10.128.x.x MDS

name 10.128.x.x RouterAddress

name 10.128.x.x StaticGateway

name 192.168.x.x MDS_Server

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

interface Vlan1

nameif inside

security-level 100

ip address 192.168.x.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

ip address RouterAddress 255.255.255.0

!

ftp mode passive

dns domain-lookup inside

dns server-group DefaultDNS

name-server MDS_Server

domain-name VIBdomain.Com

same-security-traffic permit inter-interface

same-security-traffic permit intra-interface

object-group service RDP tcp

port-object eq 3389

object-group protocol TCPUDP

protocol-object udp

protocol-object tcp

object-group service DM_INLINE_TCP_0 tcp

group-object RDP

port-object eq www

port-object eq https

access-list Inside extended permit icmp host MDS_Server host MDS

access-list inside extended permit tcp any host MDS eq 3389

access-list outside_access_in extended permit tcp any interface outside eq 3389

access-list outside_access_in extended permit tcp any interface outside eq 10201

access-list outside_access_in extended permit tcp any any

access-list outside extended permit tcp any interface inside eq 3389

access-list outside_access_in_1 extended permit tcp any host MDS object-group DM_INLINE_TCP_0

pager lines 24

logging asdm informational

mtu inside 1500

mtu outside 1500

ip verify reverse-path interface outside

no failover

icmp unreachable rate-limit 1 burst-size 1

icmp permit any inside

icmp permit any outside

no asdm history enable

arp timeout 14400

global (outside) 1 interface

nat (inside) 1 192.168.x.0 255.255.255.0

nat (inside) 1 0.0.0.0 0.0.0.0

static (inside,outside) tcp interface 3389 MDS_Server 3389 netmask 255.255.255.255

static (outside,inside) tcp MDS_Server 10201 MDS 10201 netmask 255.255.255.255

static (inside,outside) MDS MDS_Server netmask 255.255.255.255

!

router rip

!

route outside 0.0.0.0 0.0.0.0 StaticGateway 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

http server enable

http server session-timeout 15

http 192.168.x.0 255.255.255.0 inside

snmp-server host inside MDS_Server poll community ***** version 2c

snmp-server community *****

snmp-server enable traps snmp authentication linkup linkdown coldstart

sysopt noproxyarp inside

sysopt noproxyarp outside

crypto ipsec security-association lifetime seconds 28800

crypto ipsec security-association lifetime kilobytes 4608000

crypto ca server

shutdown

telnet 192.168.x.0 255.255.255.0 inside

telnet timeout 5

ssh timeout 5

console timeout 15

dhcpd auto_config outside

!

threat-detection basic-threat

threat-detection scanning-threat

threat-detection statistics host

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

ntp server MDS_Server source inside prefer

webvpn

username cisco password miP9X7Qu1 encrypted

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum client auto

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

inspect ip-options

inspect icmp

inspect icmp error

!

service-policy global_policy global

prompt hostname context

no call-home reporting anonymous

Cryptochecksum:3f58ff817809eec74bdb046658ced63a

: end

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents