Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ASA Does nothing but internet and point to point

Status
Not open for further replies.
jdobyns

jdobyns

Technical User
Jan 10, 2008
18
0
0
US
I installed an ASA 5505 in a client's location which is in another state. I configured a PTP VPN Tunnel to a Pix 506e and that works fine. I also configured access to the internet at the remote location. I am trying to do a few more things with it now.

1)I am trying to setup remote vpn access with the Cisco client and that is not working.

2)I am trying to set up remote mamangment so I can gain access to the ADSM from my house (I have a static ip)

3)I am trying to punch 2 holes through to allow specific users on the outside to terminal serve into 2 servers on the inside.

Number 3 in this list is the most important, however I would love to get all of the above items working.

Thanks in advance,

J.R.

 
Sort by date Sort by votes
1. Are you getting an error connecting? Can't pass traffic?

2. http x.x.x.x y.y.y.y outside

3.

no static (outside,inside) 192.168.0.5 65.x.x.3 netmask 255.255.255.255


no access-list outside_access_in extended permit tcp host 12.x.x.48 eq 3389 host 192.168.0.5 eq 3389
no access-list outside_access_in extended permit tcp any eq 3389 host 192.168.0.5 eq 3389
no access-list outside_access_in extended permit tcp any eq 3389 host 192.168.0.25 eq 3389


Then Enter

access-list outside_access_in extended permit tcp host 12.x.x.48 host 65.x.x.3 eq 3389


Then Clear xlate
 
Upvote 0 Downvote
Thank you very much for the information. I really appreciate it.I made the changes you suggested. Here is what I found.

1) When I connect from my house using any program, terminal client, https ADSM etc. I can not get the syslog to say anything about me trying to connect. I have the syslogger set on debug. Its almost like the connect is not reaching that far. The client has a Verion T-1 line, could Verizon have a firewall infront of us? However I can ping the gateway for the outside subnet. That is one hop from the ASA 5505.

I have setup many PIX 5xx family of products but this asa 5505 is kicking my butt. I really do not know where to go from here since the syslog is not stating any errors when I try to connect. Is there some magic button that will enable incoming connections to the outside interface?
 
Upvote 0 Downvote
No sir! I am using windows ping and Putty ssh client. There are no DENYS or errors in the syslog.
 
Upvote 0 Downvote
I would then check with the provider to see if there is a firewall.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
145
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
149
intel233
intel233
gkreg
  • Locked
  • Question
asa 5500-x url filtering
Replies
0
Views
92
gkreg
gkreg
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
160
intel233
intel233
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
145
Johnkite
Johnkite

Part and Inventory Search

Sponsor

Back
Top