Trying to understand firewall configuration on a Cisco ASA 5505

Posted on 2011-04-28
Last Modified: 2012-06-21
I'm trying to get a handle on the new ASA 5505 that I hired a contractor to install in the office.  The contractor used scripting to configure the ASA, and it works great.  I'm not a network guy, and I'll never be a network guy, but I would like the ability to administer the device using the ASDM interface at a basic level.  

I'm trying to poke a hole in the firewall and set up the appropriate port forwarding on the device.  I just created a new firewall hole for the Crash Plan utility (port 4242, images 1 and 2) and set up port forwarding as well (image 3).  Now, I'm using to determine if the ports the contractor configured are open (SSH and HTTPS) and if my port is open (CRASH_PLAN).  Image 4 shows the results.  It sure looks like my contractor did something right and I something wrong.  (I suppose it's also possible that is not a valid tool with which to check the status of a port on the ASA 5505.)  Suggestions?
Question by:jdana
    LVL 26

    Accepted Solution

    Based on your pictures it looks like it may be configured right. Have you tried to actually tested to see if you can access the Crash Plan from outside your network?
    LVL 26

    Expert Comment

    Try changing the setting in picture one for destination to the wan ip, similar to how VNC is configured. See what you get.
    LVL 4

    Expert Comment

    Can you post the config ?

    Author Closing Comment

    Soulja, wasn't a valid test.  The utility worked.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now