Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

static nat on cisco asa version 9.1

Posted on 2013-11-26
8
Medium Priority
?
8,698 Views
Last Modified: 2013-12-02
Hi

How can I configure static nat on cisco asa version 9.1?
I want to be able to access my server via rdp 3389 from external my internal ip of server is 192.168.1.10.

Interface 0/0
Nameif outside
Security-level 0
196.47.19.5

Interface 0/1
Nameif inside
Security-level 0
192.168.1.1


please give me the command to achieve this
0
Comment
Question by:ciscosupp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 1000 total points
ID: 39681122
That's not a Static NAT that's a port forward (Static PAT)

object network Server-3389
  host 192.168.1.1
  nat (inside,outside) static interface service tcp 3389 3389
access-list inbound permit tcp any object Server-3389 eq 3389
access-group inbound in interface outside


Pete
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39681130
0
 

Author Comment

by:ciscosupp
ID: 39682015
You mean network-object host 192.168.1.10 and not 192.168.1.1     :-)

I get error please see attached file
static-PAT.jpg
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 
LVL 12

Accepted Solution

by:
Henk van Achterberg earned 1000 total points
ID: 39683011
This is the most clean solution:

object network SERVER
 host 192.168.1.10

object service rdp
 service tcp destination eq 3389

nat (outside,inside) source static any any destination static interface SERVER service rdp rdp unidirectional no-proxy-arp

access-list outside_access_in permit tcp any object SERVER eq 3389
access-group outside_access_in in interface outside
0
 

Author Comment

by:ciscosupp
ID: 39683072
okay thanks will try
must it be nat (outside,inside)  or nat (inside,outside,) bit confused please advice
0
 
LVL 12

Expert Comment

by:Henk van Achterberg
ID: 39683176
exactly as I wrote it down!
0
 

Author Comment

by:ciscosupp
ID: 39687204
I tried but get error see below and my object is created

asa(config)# show object-group id rdp
object-group service rdp
 service-object tcp destination eq 3389


asaconfig)# nat (outside,inside) source static any any destination static interface SERVER service rdp rdp

ERROR: rdp is not a valid service object name

please advice
0
 

Author Comment

by:ciscosupp
ID: 39689922
got it working
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question