Command line in Cisco ASA
Hello, I have a problem with Cisco ASA 5505 with this software version:
adsm version 6.3(1)
asa version 8.3(1)
Now in "tool --> command line interface" I have send this command:
#static (inside,outside) tcp interface www 192.168.1.1 www netmask 255.255.255.255
the command send is succesfully, then "save running configuration to flash" but in running configuration (and also in startup configuration) there isn't this nat command !!
is very strange !
Thanks.
-
Salvatore.
adsm version 6.3(1)
asa version 8.3(1)
Now in "tool --> command line interface" I have send this command:
#static (inside,outside) tcp interface www 192.168.1.1 www netmask 255.255.255.255
the command send is succesfully, then "save running configuration to flash" but in running configuration (and also in startup configuration) there isn't this nat command !!
is very strange !
Thanks.
-
Salvatore.
Jan Bacher
what do you see if you send the command (no quotes) "copy run start" instead of the GUI option?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
therefore in:
nat (inside,outside) static interface service tcp www www
there ins't indicated the host destination ?
Thanks.
-
Salvatore.
nat (inside,outside) static interface service tcp www www
there ins't indicated the host destination ?
Thanks.
-
Salvatore.
ASKER
when run:
with firt and second command is all ok but I have problem with commando:
host 192.168.1.1
Result of the command: "host 192.168.1.1"
host 192.168.1.1
^
ERROR: % Invalid input detected at '^' marker.
the syntax is incorrect ?
Thanks.
-
Salvatore.
with firt and second command is all ok but I have problem with commando:
host 192.168.1.1
Result of the command: "host 192.168.1.1"
host 192.168.1.1
^
ERROR: % Invalid input detected at '^' marker.
the syntax is incorrect ?
Thanks.
-
Salvatore.
network-object host 192.168.1.1
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry but I do not understand how can I run the command ! :-(
network-object host 192.168.1.1 host 192.168.1.1
??
Thanks.
-
Salvatore.
network-object host 192.168.1.1 host 192.168.1.1
??
Thanks.
-
Salvatore.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am able to enter commands requested but in the log when I try access I have this:
4 Feb 21 2011 01:40:35 106023 ip_external 49881
192.168.1.1 80 Deny tcp src outside:ip_external/49881 dst
inside:192.168.1.1/80 by access-group "outside_access_in" [0x0, 0x0]
but in cisco configuration I have:
access-list outside_access_in extended permit object 80 any object obj-192.168.1.1
I must insert another access-list ??
Thanks.
-
Salvatore.
4 Feb 21 2011 01:40:35 106023 ip_external 49881
192.168.1.1 80 Deny tcp src outside:ip_external/49881 dst
inside:192.168.1.1/80 by access-group "outside_access_in" [0x0, 0x0]
but in cisco configuration I have:
access-list outside_access_in extended permit object 80 any object obj-192.168.1.1
I must insert another access-list ??
Thanks.
-
Salvatore.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have add:
access-list outside_access_in extended permit tcp any object obj-192.168.1.1 object-group www
and now is ok !.
Thanks.
-
Salvatore.
access-list outside_access_in extended permit tcp any object obj-192.168.1.1 object-group www
and now is ok !.
Thanks.
-
Salvatore.