Having just come from a business that used Meraki devices, I feel like port forwarding on the Cisco ASA is beyond painful. Why even make a GUI for a device if it doesn't help the user accomplish the tasks in an easier fashion? /rant
What I have:
ASA 5505 running:
What I'm looking to do:
Forward all traffic that hits 3389 on my outside ip (lets just say 188.8.131.52) to 3389 on 10.10.50.150 using ASDM.
The biggest problem I am facing is that I have the latest version of both peices of software. Everywhere I am looking shows different screens and menus than I have on my ASDM.
I would normally just call support but they goofed up our contract and I'm waiting for our reseller to correct it all, which is taking way too long. Please, please please any help would be greatly appreciated. Thanks for any time you spend responding!
I would have to setup the SSH service to get to the command line don't I? I tried looking up that this morning and was unable to find good documentation on that process as well. I'm about to downgrade this thing to an older firmware and ASDM. Hah!
Seriously though thanks for the response. I'm very unfamilar with the CLI, having come from Meraki and Sonicwalls i've never had to touch anything like it. It does look straight forward enough though. Do the changes you make in the CLI affect ASDM? How do you check your work?
You can actually connect via the console but you probably don't have a serial port on your laptop so you need a USB to serial adapter these days.
If not then yes ssh is the recommended way to go. There are lots of docs and config guides on Cisco's site. Have you seen these ?
In terms of the CLI affecting ASDM i found it was best to use one and just stick with that. You can probably tell but i really don't like ASDM at all. It has probably improved since i used it last but i found by the time i had fired it up and waited for itself to get sorted i could log into the CLI and configure the firewall.
ASDM also had a bad habit of adding lots of extra lines when you viewed the config.
In terms of checking you work a basic "sh run" will display the entire configuration although you can be more specific with the show commands to see only the things you want.
Not trying to put you off using the GUI at all and i'm sure there are a lot of people who find it very useful but i just found it cumbersome and not that easy to understand compared to just using the CLI which for me was far more intuitive.
But then i do come from a Unix background so i have always preferred using the command line
I understand you wanting to use CLI, trust me after 2 days of trying to figure out how to do something that should litterally take one minute. I'll starting digging through the docs on how to use it, seems like a better use of my time. =)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...