Cisco ASA 5505 GUI

Posted on 2007-10-15
Last Modified: 2012-06-27
Programming Cisco ASA 5505 rule access using the GUI.:  Forward RDP to a server internally.
Question by:PEOCENTRAL
    LVL 1

    Expert Comment

    I assume you want to allow incoming connection to a static ip address, correct?
    GUI instructions are difficult to type and i think it's actually easier to do this with the CLI:

    access-list inbound permit tcp any host <outside static ip> eq 3389
    static (inside,outside) tcp <outside static ip> 3389 <inside static ip> 3389 netmask 0 0
    access-group inbound in interface outside
    wr mem

    hope that helps!
    LVL 1

    Author Comment

    So permissions are allowed via access lists?  By default is port 80 traffic allowed or is a NAT rule need to be setup?
    LVL 1

    Accepted Solution

    by default, and i believe it's true for all Cisco security appliances, that out-of-the-box, all ports are blocked and you have to enable incoming connections via access-list and NAT/PAT.

    so yes, port 80 is blocked and you need to configure access-list to enable it.
    LVL 1

    Author Comment

    So can you briefly tell me the difference between NAT and PAT?  Can Access lists not be used if you used dynamic or static rules with NAT/PAT?
    LVL 1

    Assisted Solution

    NAT allows for network address translation between 2 different networks...i.e. allowing multiple machines share 1 ip adress...there also one-to-one NAT where one external ip address is directly attached to one internal ip address...then there's PAT, which allows port mapping for multiple external ip addresses to be mapped to 1 or multiple internal ip addresses...

    PAT is preferrable since it's more flexible, in terms of configuration for incoming traffic.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now