Hi, I've recently upgraded my old firewall from a PIX to an ASA5505 and have been trying to match up the configuration settings to no avail.
First problem I have is that I can't ping the new firewall on it's inside interface, despite having "icmp permit any inside" in the running config.
Secondly, the server I have on there ("Sar") can't connect out to the internet.
I've included the ASA's running config incase anybody can see if something stands out. I have a feeling it's either not letting anything onto the inside interface, or there is no nat going on.
Lastly (and possibly relevant), the firewall is actually going at the end of a vlan, which is different to the firewall's inside vlan number. I don't know if this is actually the problem because the server can't connect out even if connected directly into the firewall.
Great!!!! , yes it is an access-list issue.
we need to have the following access-list:
access-list outside_access_in extended permit tcp any object Sar eq 3389
we would need to use the real ip of the server and not public ip, in version 8.3 or above.
This shoudl definitely resolve the issue for you.
Hope this helps,