ASA Config issue

Unanswered Question
Jun 26th, 2008

Hi,

We are using ASA Version 7.2(2) Firewall and its configured public IP 122.166.9.59 for external interface. The customer using one remote desktop in side network for accessing from outside .Can we use single public IP for firewall external network and inside remote desktop also, if yes please let me know the configuration.

hostname ciscoasa

enable password xxx

names

!

interface Vlan1

nameif inside

security-level 100

ip address 192.168.0.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

ip address 122.166.9.59 255.255.255.0

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

shutdown

!

interface Ethernet0/3

shutdown

!

interface Ethernet0/4

shutdown

!

interface Ethernet0/5

shutdown

!

interface Ethernet0/6

shutdown

!

interface Ethernet0/7

shutdown

!

access-list 101 extended permit tcp any host 122.166.9.59 eq 3389

pager lines 24

mtu inside 1500

mtu outside 1500

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

nat-control

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

static (inside,outside) 122.166.9.59 192.168.0.10 netmask 255.255.255.255

access-group 101 in interface outside

route outside 0.0.0.0 0.0.0.0 122.166.9.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

http 192.168.0.0 255.255.255.0 inside

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet 192.168.0.0 255.255.255.0 inside

telnet timeout 5

ssh timeout 5

console timeout 0

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.alekseev Fri, 06/27/2008 - 03:57

conf t

no static (inside,outside) 122.166.9.59 192.168.0.10 netmask 255.255.255.255

static (inside,outside) tcp interface 3389 192.168.0.10 3389 netmask 255.255.255.255

ntmanjunath Fri, 06/27/2008 - 07:03

This will work for both external firewall ip and internal remote desktop acess from out side ?

Actions

This Discussion