Connect from Outside - Cisco ASA 5505

NOTE:  The text below is a kind "sharing of information" by one of our Splashtop Remote users — Ted Fritchlee — explaining how to configure the firewall / port forwarding on the Cisco ASA 5505 router to enable you to use Splashtop Remote.  Feel free to leave appreciative comments for Ted if these instructions help you!

--------------------------------------------------------------------------------------------

No help needed.  I just wanted to pass along information for others.  I found very little documentation on the Internet on how to configure a Cisco ASA firewall for use with SplashTop Remote.  So, I created a configuration others could use.  Please add this in your support/FAQ section.  It defines how to configure your Cisco ASA 5505 firewall for SplashTop Remote access. — Thanks.

How to configure your Cisco ASA 5505 firewall for SplashTop Remote access

1.  Create a Service Group for the SplashTop Ports (used on the NAT statement):

  • object service SplashTop
  • service tcp source range 6783 6785
  • description Splashtop Remote Ports


2.  Create Service Object for the SplashTop Ports (used on the ACL):

  • object-group service STR tcp
  • description Splashtop Remote Ports
  • port-object range 6783 6785


3.  Create a Network Object for the PC running SplashTop Streamer (used on the NAT statement):

  • object network 192.168.1.10
  • host 192.168.1.10
  • description Address of PC running SplashTop Streamer

 

4.  Create an ACL to allow SplashTop access from the Internet:

  • access-list outside_access_in line 1 remark Allow Access for Splashtop Remote
  • access-list outside_access_in line 2 extended permit tcp any object 192.168.1.10 object-group STR
  • access-group outside_access_in in interface outside


5.  Create a NAT for the inside PC running SplashTop Streamer:

  • nat (inside,outside) source static 192.168.1.10 interface service SplashTop SplashTop

 

6.  Current default NAT to NAT all inside host addresses to the outside interface:

  • nat (inside,outside) source dynamic any interface

 

7.  Move the default NAT down under the static NAT:

  • no nat 1
  • nat (inside,outside) 2 source dynamic any interface
Have more questions? Submit a request

0 Comments

Article is closed for comments.