Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
320
Views
0
Helpful
2
Replies

Is my traffic reaching the firewall?

Scott Cannon
Level 1
Level 1

‎02-04-2010 05:09 PM - edited ‎03-11-2019 10:05 AM

Hi Guys,

I'm new to the ASA and I'm currently working with a 5510 (7.0.6). I'm trying to allow users from the "inside" interface access to a specific host (HOSTA) on a specific port (PORTA) via the "outside" interface. It is not working, and I am not suer how to troubleshoot.

Here's the setup:

PAT is configured for all users on the "inside" to obtain a single routable IP (1.1.1.1). An access list has been created and applied to the inside interface to allow connection to HOSTA via PORTA for all users.

Here's my config:

global (outside) 1 1.1.1.1

nat (inside) 1 0.0.0.0 0.0.0.0

access-list inside extended permit tcp any host HOSTA eq PORTA

access-group inside in interface inside

Now, during troubleshooting, I do not see my internal address in the NAT table (using "show xlate"). Also I do not see any packet count in the access list (using show access-list)

I'm open to suggestions here really, as I'm completely stumped. Assume routing is fine and there are no other firewalls blocking traffic.

Can anyone help me?


Rgds

Scott

Labels:
0 Helpful
2 Replies 2

Scott Cannon
Level 1
Level 1

‎02-04-2010 08:08 PM

Is anyone able to tell me how to view the session table on an ASA 5510 (7.0.6)? That would be a good start.

0 Helpful

Scott Cannon
Level 1
Level 1

‎02-04-2010 09:08 PM

Hi All,

Apologies, but I figured this one out. Looks like there was an ACE further up the chain affecting my connection.

Rgds

Scott

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card