Hello List, a easy Cisco question.
Hello, I am not a heads down network guy, but I have setup a few firewalls, and have got them to do what I wanted, "eventually". But mostly through reading and trial and error. I am struggling with this one, but I think I know the answer, but want to verify it with some experts. We have a cisco asa 5505, with an internet connection with only one useable ip address (subnet 255.255.255.252). We/they have had a nat setup for outgoing connections for some time, but I have been trying to get a new inbound connection going for terminal services to a specific host on tcp port 3389. I'm using "ASDM" but checking the config file and it's building the correct static statement, and access lists (I think anyway). But It doesn't work, and doesn't give a real good definative log message. I was wondering if possibly the fact that nat is using the one ip address, if that precludes the static mapping from working. I've read several step by steps, and again had this working several other places, but always with more ip's. If having just one ip isn't the isssue, is there any other issues I should be looking for. I'd appreciate any insight you might share. Thanks in advance
setup for outgoing connections for some time, but I have been trying to get a new inbound connection going for terminal services to a specific host on tcp port 3389.
It sounds like what you want to do is reverse PAT (aka "Policy NAT") http://www.cisco.com/en/US/products/ps6120/products_configuration_example091... Are you familiar with the CLI or do you strictly use the GUI? .. you'll find the former is much more common. Cheers, Michael Holstein Cleveland State Unviersity
participants (2)
-
bill@kruchas.com
-
Michael Holstein