Port Forwarding on Cisco ASA 5505

12-17-2012 09:29 AM - edited 03-11-2019 05:38 PM
Hi, I need help with doing a port forward for Remote Desktop with an ASA 5505 9.1.1 and ASDM 7.1.1. I could have done this with the previous versions of ASDM, but now it is even more confusing.
12-17-2012 09:35 AM
Hi,
Basic command format (that you can also insert through the ASDM toolbar -> Command Line Interface)
object network STATIC-PAT
host 10.10.10.10
nat (inside,outside) static interface service tcp 3389 3389
access-list OUTSIDE-IN permit tcp any object STATIC-PAT eq 3389
Where
- STATIC-PAT = name of the object that holds the source host IP and the actual NAT command
- host 10.10.10.10 = example LAN host IP to be Static PATed
- nat (inside,outside) static interface service tcp 3389 3389 = does NAT between the "inside" and "outside" interfaces and uses the "outside" interface IP address. Forwards port TCP/3389 to port TCP/3389 of the LAN host IP
- access-list OUTSIDE-IN permit tcp any object STATIC-PAT eq 3389
  - access-list is attached to interface with command "access-group"
  - access-group OUTSIDE-IN in interface outside
What was your last firewall version? Was it perhaps even below 8.3?
- Jouni
12-17-2012 09:38 AM
My last version was 8.4 with ASDM 6.1.3, and I could have done it in the blink of an eye with this ASDM, but now it is just confusing.
12-17-2012 09:40 AM
I'm new to Cisco and the CLI. Are there any GUI examples with the new ASDM?
12-17-2012 09:44 AM
Hi,
Are you saying the NAT configuration has somehow changed? I haven't tested 9.x software yet myself. Only 8.4(x)
What's different from the below configuration windows? (using my own ASA's interface names)
Configuration -> Firewall -> NAT Rules -> Add Network Object
LAN = "inside"
WAN = "outside"
Advanced
- Jouni
12-17-2012 10:04 AM
OK, I got this piece. What about the access rule?
12-17-2012 10:12 AM
Hi,
Configuration -> Firewall -> Access Rules ->
Right Click on the Interface/ACL for your "outside" interface in the list you see and choose "Add Access Rule"
STATIC-PAT = name of the object created in the NAT configuration
Please rate if you found the information was helpful. Also mark the question as answered (if it was).
- Jouni
12-17-2012 10:38 AM
OK, thanks for your help bro, but here is what mine looks like
12-17-2012 10:46 AM
Hi,
The first picture seems to be for me the configuration for a different type of NAT rule. Not the "Network Object" type of NAT
When you have gone to Configuration -> Firewall -> NAT Rules -> Then Right Click and the below options should be visible (This unless there has been some change from 8.4 -> 9.x)
The middle one highlighted for me gives the configuration window desired.
I guess if the ACL portion of the ASDM has changed because of some change in 9.x
I assume you can just add the rules by filling the above fields which are needed (source, destination, service)
To be honest, I don't personally use the ASDM for ACL and NAT so I'm a bit (if not a lot) rusty with it.
- Jouni
07-06-2016 06:57 AM
Someone help please..
I need to do port forwarding for 2 LAN IPs NATed to a single public IP.
2 LAN IPs and their ports:
1) LAN A port 443 (https)
2) LAN B ports 8080 and 80 (http).
Please help guys...
05-24-2013 02:07 AM
Hi.
syslog
Teardown TCP connection 5735645 for outside:83.220.238.182/54731 to inside:10.2.150.5/3389 duration 0:00:30 bytes 0 SYN Timeout
What's the problem?
05-24-2013 02:19 AM
Hi,
The host 10.2.150.5 on the "inside" is not replying to the TCP Connection forming.
You should check that no local firewall on the host is blocking the connection and also check that the host is configured otherwise to allow RDP sessions to it.
Also, if those are OK, you should confirm that the host on the "inside" has the default route back to the Internet through the ASA.
- Jouni
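The reading of the syslog line given in the reply above, as an added example that is not part of the thread: a Teardown line exists only for a connection the ASA had already built, so `SYN Timeout` with `bytes 0` points behind the firewall, at the inside host. The function names are hypothetical, and the sample log lines and addresses are constructed.

```python
import re
from collections import Counter

# Shape of the "Teardown TCP connection" syslog line quoted in this thread.
TEARDOWN = re.compile(
    r"Teardown TCP connection (?P<conn>\d+) for "
    r"(?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) to "
    r"(?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) "
    r"duration (?P<duration>\d+:\d\d:\d\d) bytes (?P<bytes>\d+)\s*(?P<reason>.*)$"
)

def parse_teardown(line):
    """Return the fields of one Teardown line as a dict, or None if it is another message."""
    m = TEARDOWN.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["bytes"] = int(rec["bytes"])
    rec["dst_port"] = int(rec["dst_port"])
    rec["reason"] = rec["reason"].strip()
    return rec

def unanswered_targets(lines):
    """Count, per inside host and port, connections that ended as SYN Timeout with 0 bytes.

    The firewall built these connections (NAT and the ACL let the SYN through),
    but the handshake never completed, so the inside host is the place to look.
    """
    hits = Counter()
    for line in lines:
        rec = parse_teardown(line)
        if rec and rec["reason"] == "SYN Timeout" and rec["bytes"] == 0:
            hits[(rec["dst_ip"], rec["dst_port"])] += 1
    return dict(hits)

# Constructed sample lines, modelled on the log line in the thread.
SAMPLE = [
    "Teardown TCP connection 101 for outside:203.0.113.7/54731 to inside:10.0.0.10/3389 duration 0:00:30 bytes 0 SYN Timeout",
    "Teardown TCP connection 102 for outside:203.0.113.7/54732 to inside:10.0.0.10/3389 duration 0:00:30 bytes 0 SYN Timeout",
    "Teardown TCP connection 103 for outside:203.0.113.9/40112 to inside:10.0.0.20/443 duration 0:01:12 bytes 48211 TCP FINs",
    "Built inbound TCP connection 104 for outside:203.0.113.9/40113 (203.0.113.9/40113) to inside:10.0.0.20/443 (198.51.100.1/443)",
]

if __name__ == "__main__":
    for (ip, port), count in unanswered_targets(SAMPLE).items():
        print(f"{ip}:{port} did not answer {count} forwarded connection(s)")
```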
05-24-2013 03:58 AM
Here, 1.1.1.1 is the WAN IP address?
object network PORT-FORWARD
host 1.1.1.1
nat (lan,wan) static interface service tcp 3389 3389
access-list wan_access_in extended permit tcp any object PORT-FORWARD eq 3389
05-24-2013 04:05 AM
Hi,
The IP address under the "object network" should be the local IP address of the host/server
The parameter "interface" in the "nat" configuration line specifies that the IP address of the interface "wan" will be used as the NAT IP address.
object network
host
nat (lan,wan) static interface service tcp
Remember to rate helpful answers.
- Jouni
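The points made in the replies in this thread (the object holds the server's local IP, the ACL references that object, and the ACL is attached with "access-group"), written as a check over a pasted configuration. This is an added example, not part of any post and not a Cisco tool; the function name is hypothetical, and "local" is assumed to mean a private address. It also notes when the permit entry uses source `any`.

```python
import ipaddress
import re

NAT = re.compile(r"nat \(\S+,(\S+)\) static interface service (tcp|udp) (\d+) \d+$")
ACE = re.compile(r"access-list (\S+) (?:extended )?permit (tcp|udp) "
                 r"(any|host \S+|\S+ \S+) object (\S+) eq (\d+)$")

def lint_port_forward(config):
    """Lint 'static interface service' forwards; 'local' = private address (assumption)."""
    objects, permits, bound, cur = {}, [], set(), None
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.match(r"object network (\S+)$", line):
            cur = objects.setdefault(m[1], {"host": None, "nat": None})
        elif cur is not None and (m := re.match(r"host(?: (\S+))?$", line)):
            cur["host"] = m[1]
        elif cur is not None and (m := NAT.match(line)):
            cur["nat"] = m.groups()      # (mapped interface, protocol, real port)
        elif m := ACE.match(line):
            permits.append(m.groups())   # (acl, protocol, source, object, port)
        elif m := re.match(r"access-group (\S+) in interface (\S+)$", line):
            bound.add(m.groups())        # (acl, interface)
    findings = []
    for name, obj in objects.items():
        if obj["nat"] is None:
            continue
        mapped_if, proto, port = obj["nat"]
        if obj["host"] is None:
            findings.append(f"{name}: no host address")
        elif not ipaddress.ip_address(obj["host"]).is_private:
            findings.append(f"{name}: host {obj['host']} is not a local address")
        rules = [p for p in permits if (p[1], p[3], p[4]) == (proto, name, port)]
        if not rules:
            findings.append(f"{name}: no ACL entry permits {proto}/{port}")
        for acl, _, src, _, _ in rules:
            if (acl, mapped_if) not in bound:
                findings.append(f"{name}: ACL {acl} is not applied inbound on {mapped_if}")
            if src == "any":
                findings.append(f"{name}: {proto}/{port} is open to any source")
    return findings

# The configuration as posted in the question above (WAN address inside the object).
AS_POSTED = """\
object network PORT-FORWARD
host 1.1.1.1
nat (lan,wan) static interface service tcp 3389 3389
access-list wan_access_in extended permit tcp any object PORT-FORWARD eq 3389
"""
if __name__ == "__main__":
    print("\n".join(lint_port_forward(AS_POSTED)))
```

The check only sees the text it is given, so an "access-group" line that exists elsewhere in the running configuration has to be included in the input.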
05-24-2013 04:24 AM
I wrote:
object network TEST
host
nat (LAN,WAN) static interface service tcp 3389 3389
access-list WAN_access_in extended permit tcp any object TEST eq 3389
Doesn't work.
Syslog
Teardown TCP connection 6306058 for disbacak:83.220.236.74/29128 to icbacak:10.2.150.5/3389 duration 0:00:30 bytes 0 SYN Timeout
What is the problem?
