We previously used PDM for PIX version 6 to manage firewall NAT and access rules. From version 7 they introduced the ASDM interface and we would like to take advantage of the new features.
Previously in version 6 we would define a static (inside,outside) NAT and create a corresponding access rule to permit access from the outside (typically to permit remote support from a software supplier - RDP / pcAnywhere for example.)
This would result in the following config:
static (inside,outside) 10.20.30.111 192.168.1.1 netmask 255.255.255.255
The access rule entered into PDM would permit access to the inside address. (See attachment)
PDM with version 6 was intelligent enough to adjust the access-list command accordingly for the outside NAT address:
access-list outside_access_in extended permit tcp 10.20.30.0 255.255.255.0 host 10.20.30.111 eq 3389
Note the destination host has been replaced with the valid outside NAT address - even though the inside name was specified in PDM.
Unfortunately in version 8 this is not the case. If you permit access to an inside name via ASDM - even if a valid (inside,outside) NAT is present the access-list command it not adjusted:
access-list outside_access_in extended permit tcp 10.20.30.0 255.255.255.0 host 192.168.1.1 eq 3389
Any suggestions would be appreciated.