I really don't know what I messed up, but as soon as I get this fixed I will backup my config again.
I am trying to setup a STATIC NAT from a public IP to the internal of 1 particular server and then allow 3389 (RDP) traffic from any outside source to this internal server.
I have the following:
access-list Outside_access_in extended permit tcp any host 10.100.101.1 eq 3389
static (Inside,Outside) tcp 70.150.***.*** 3389 10.100.101.1 3389 netmask 255.255.255.255
So far, this is the only Static NAT I am trying to configure. This Public IP will be used just for this server, so I am not sharing a single Outside IP with the internal servers.
I have read about the need to BIND the Outside_access_in to an access-group to the Outside interface, but the commands will not work. Am I just missing this entry so it knows which interface to apply the ACLs to?
I see the following in the Syslog when I try to connect to RDP from Outside:
Inbound TCP Connection denied from X.X.X.X/1806 to 70.150.X.X/3389 flags SYN on interace Outside