02-04-2010 05:09 PM - edited 03-11-2019 10:05 AM
Hi Guys,
I'm new to the ASA and I'm currently working with a 5510 (7.0.6). I'm trying to allow users from the "inside" interface access to a specific host (HOSTA) on a specific port (PORTA) via the "outside" interface. It is not working, and I am not suer how to troubleshoot.
Here's the setup:
PAT is configured for all users on the "inside" to obtain a single routable IP (1.1.1.1). An access list has been created and applied to the inside interface to allow connection to HOSTA via PORTA for all users.
Here's my config:
global (outside) 1 1.1.1.1
nat (inside) 1 0.0.0.0 0.0.0.0
access-list inside extended permit tcp any host HOSTA eq PORTA
access-group inside in interface inside
Now, during troubleshooting, I do not see my internal address in the NAT table (using "show xlate"). Also I do not see any packet count in the access list (using show access-list)
I'm open to suggestions here really, as I'm completely stumped. Assume routing is fine and there are no other firewalls blocking traffic.
Can anyone help me?
Rgds
Scott
02-04-2010 08:08 PM
Is anyone able to tell me how to view the session table on an ASA 5510 (7.0.6)? That would be a good start.
02-04-2010 09:08 PM
Hi All,
Apologies, but I figured this one out. Looks like there was an ACE further up the chain affecting my connection.
Rgds
Scott
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide