Help with ASA 5505 Port Forwarding

Hello guys,I have a Cisco home rack lab which is behind my ASA 5505. I use my ASA to connect to the internet. My situation is I travel a lot for work and I am unable to do my labbing practice. I am pretty new to ASA and would like to do a port forwarding to access my access server which is connected to my Cisco routers and switches.My network topology is this:(internet)

(ASA 5505)

(3550)

(CM32 Access Server)

(Cisco Rack)This is how I setup my remote access:

ssh 0.0.0.0 0.0.0.0 outside

[COLOR=#333333][FONT=arial]![/FONT][/COLOR][COLOR=#333333][FONT=arial]object network CM32[/FONT][/COLOR][COLOR=#333333][FONT=arial]host 10.1.18.13[/FONT][/COLOR][COLOR=#333333][FONT=arial]object service CM32PF[/FONT][/COLOR][COLOR=#333333][FONT=arial]service tcp source eq 
[/FONT][/COLOR][COLOR=#333333][FONT=arial]nat (inside,outside) source static CM32 interface service  CM32PF CM32PF[/FONT][/COLOR]

I can't connect to my CM32 access server at all. On my SecureCRT, I get 'Broken pipe'. I am not sure if I am configuring this correctly. I have 15 ports that need to be forwarded to my CM32 access server.I can establish SSH connection to my ASA, but not to my CM32.Any help would be appreciated.Thanks

Find more posts tagged with

Comments

instant000

I haven't configured an ASA in quite some time now, and am not who you'd want configuring it, since I stopped working with it around the time places transitioned from 8.2 to 8.3/8.4.

Even with that said, I can prescribe a couple articles, that should set you up so that you can figure out this on your own, or at the least, generate output you could share with others, so we could then assist you in resolving the issue. That is, concepts last, while the specifics of configuration can change with a new code release ...)

The easiest way to check if you've misconfigured this:

Do a CLI packet-trace, to see where it fails in the process.

If that proves unfruitful, then you can do packet captures on the ingress and egress interfaces of the firewall, to see what is happening.

Please try these two articles:

https://supportforums.cisco.com/docs/DOC-5796

Troubleshoot Connections through the PIX and ASA - Cisco Systems

thehourman

Thanks for the quick reply.

I think I found a solution to my problem. I configured a IPSec remote access VPN. And I am able to access my Cisco rack now. I think this is the better option because I can now access my IP PDU which only supports telnet.