Port redirection - ASA (cli) for RDP - Remote Desktop Protocol
Hello and thank you for reading & helping out!
I have a customer that we are trying to remotely monitor and manage their servers. We have a management server and I can setup the ACL's to have any/any port:3389 open and accessible, but we are trying to strengthen the inbound simply by having a port redirection. Below is my code, which seems to be right according to all the other sites i have looked over trying to find out how to redirect ports on an ASA, as well NAT in general with cisco's CLI. I dont have ASDM capable, using SSH (putty) and remoting into the firewall. when i try to switch the ports access to 3390 with a port redirection (as shown below) I am not able to connect (nor will Portquery.exe show it as listening, rather it comes back "filtered").
I think that I am doing the NAT in the wrong location, but if I try to do a global NAT with the other statements outside fo the network object, I cant seem to get the ports to go through ( ' nat (inside,outside) source static any any service tcp 3390 3389 ' ) it says the port 3389 is 'invalid input'. I for one am lost lol, please help!
***ALL other code attempts work fine with 3389 in the acl/object-nat segments****
object network GLF-VCENTER
nat (inside,outside) static interface service tcp 3390 3389
access-list outside_access_in extended permit tcp any any eq 3390
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :