Need to configure ASA 5505 to allow remote desktop session from Internet (outside) to server on inside interface.
DSL modem is in bridge mode. I have a single live IP configured on outside interface (it's the only live IP I have for that site...leased from Embarq). I've enabled static translation from outside ip to inside ip on server (10.7.0.1). Do not have router on inside interface...all hosts within LAN have default gw set to inside int on 5505 (10.7.254.1). Config is below:
ip address 10.7.254.1 255.255.0.0
ip address 65.x.x.26 255.255.255.128
switchport access vlan 2
access-list outside_int extended permit ip 165.x.x.0 255.255.255.0 host 65.x.x.26
Unfortunately, your suggestions did not allow access to the internal server.
I'm curious if anyone can confirm that since we only have a single live IP (that is assigned to the outside interface on the 5505), is it possible to use that same live ip to attempt communication to an internal server using tcp port 3389? Or, would that require an additional IP address?
Yes it is possible I have a pix on my dsl connection and have setup a webserver and when you hit my external public IP my config redirects an port 80 traffic to my internal web server.
This is done just like Jorge described, if it is not working either post the config following his template here for review and/or look a bit deeper to make sure all the other pieces are correct like the server.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...