  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2943

Cisco ASA 5505 GUI

Programming Cisco ASA 5505 rule access using the GUI: forward RDP to a server 192.168.xxx.xxx internally.
Asked:
PEOCENTRAL
2 Solutions
 
jetli87 Commented:
I assume you want to allow incoming connections to a static IP address, correct?
GUI instructions are difficult to type and I think it's actually easier to do this with the CLI:

access-list inbound permit tcp any host <outside static ip> eq 3389
static (inside,outside) tcp <outside static ip> 3389 <inside static ip> 3389 netmask 255.255.255.255 0 0
access-group inbound in interface outside
wr mem

Hope that helps!
0
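
The commands in the answer above only take effect together: the access-list entry permits the traffic, the static entry maps the outside address and port to the internal server, and access-group applies the list to the outside interface. The following is an added example, not part of the original thread: a small audit script that reads that pre-8.3 command syntax and lists every internal host and port that such a combination opens to source `any`. The addresses in the sample are constructed from documentation ranges, and the function name `exposed_to_any` is hypothetical.

```python
import re

# Constructed sample: the answer's commands with placeholder addresses filled in
# (203.0.113.10 outside, 192.168.1.20 inside) plus one source-restricted rule.
SAMPLE_CONFIG = """\
access-list inbound permit tcp any host 203.0.113.10 eq 3389
access-list inbound permit tcp host 198.51.100.7 host 203.0.113.10 eq 22
static (inside,outside) tcp 203.0.113.10 3389 192.168.1.20 3389 netmask 255.255.255.255 0 0
access-group inbound in interface outside
"""

# Only the command forms used in the answer are parsed.
ACL = re.compile(r"^access-list (\S+) (?:extended )?permit (tcp|udp) "
                 r"(any|host \S+|\S+ \S+) host (\S+) eq (\S+)$")
STATIC = re.compile(r"^static \((\w+),(\w+)\) (tcp|udp) (\S+) (\S+) (\S+) (\S+)")
GROUP = re.compile(r"^access-group (\S+) in interface (\S+)$")


def exposed_to_any(config):
    """Return (outside_ip, port, inside_ip, inside_port) for each static port
    mapping that an applied inbound access list permits from source 'any'."""
    acls, statics, applied = [], [], set()
    for line in config.splitlines():
        line = line.strip()
        if m := ACL.match(line):
            acls.append(m.groups())
        elif m := STATIC.match(line):
            statics.append(m.groups())
        elif m := GROUP.match(line):
            applied.add(m.groups())  # (access list name, interface)
    findings = []
    for name, proto, src, dst, port in acls:
        if src != "any":
            continue  # source-restricted entries are not reported
        for _real_if, mapped_if, s_proto, m_ip, m_port, r_ip, r_port in statics:
            # The list must be bound to the interface the mapping is published on.
            if ((name, mapped_if) in applied and s_proto == proto
                    and (m_ip, m_port) == (dst, port)):
                findings.append((dst, port, r_ip, r_port))
    return findings


if __name__ == "__main__":
    for outside_ip, port, inside_ip, inside_port in exposed_to_any(SAMPLE_CONFIG):
        print(f"any -> {outside_ip}:{port} reaches {inside_ip}:{inside_port}")
```

Replacing `any` with `host <trusted source ip>` in the access-list entry keeps the forward working for that source and removes the finding.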
 
PEOCENTRAL (Author) Commented:
So permissions are allowed via access lists? By default, is port 80 traffic allowed or does a NAT rule need to be set up?
0
 
jetli87 Commented:
By default, and I believe it's true for all Cisco security appliances, out of the box all ports are blocked and you have to enable incoming connections via access-list and NAT/PAT.

So yes, port 80 is blocked and you need to configure an access-list to enable it.
0
 
PEOCENTRAL (Author) Commented:
So can you briefly tell me the difference between NAT and PAT? Can access lists not be used if you used dynamic or static rules with NAT/PAT?
0
 
jetli87 Commented:
NAT allows for network address translation between 2 different networks, i.e. allowing multiple machines to share 1 IP address. There's also one-to-one NAT, where one external IP address is directly attached to one internal IP address. Then there's PAT, which allows port mapping for multiple external IP addresses to be mapped to 1 or multiple internal IP addresses.

PAT is preferable since it's more flexible in terms of configuration for incoming traffic.
0