need help with acl for rdp

Sep 20th, 2007

I am looking to create an ACL to block all traffic except for remote desktop connections to an interface on a Cisco 3640.

the total network is basically a and the network for the interface is

Jon Marshall Thu, 09/20/2007 - 09:58

Hi Adam

It's not clear what you mean by an interface on the router. The following access-list would only allow RDP connections, but it's a little difficult to suggest which interface to apply it to and in which direction.

access-list 101 permit tcp any eq 3389
access-list 101 deny ip any any

int fa0/0
 ip access-group 101 out

This assumes the network is connected to the fa0/0 interface on your router.

The above access-list will only allow traffic sent to a host on network on port 3389. It will block everything else.



adam.mcdonald Thu, 09/20/2007 - 10:08

Sorry, I should have been a little more specific. The interface would be FastEthernet 0/1 and I want to limit all inbound and outbound traffic.

joshdloan Thu, 09/20/2007 - 12:01

access-list 110 permit tcp host eq 3389

Apply it to the interface.

joshdloan Thu, 09/20/2007 - 12:03

Oops.. too much time on the PIX. Those wildcard masks should be reversed., etc
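
Added example, not part of any post in this thread: a small first-match evaluator for the IOS extended ACL form used above, showing that filtering both directions on the interface needs an inbound entry matching source port 3389 for the return traffic, and what an entry does when a subnet mask is typed where IOS expects a wildcard mask. The 192.0.2.0/24 network, ACL numbers 102 and 103, and the function names are assumptions; the thread's real addresses are not shown on the page.

```python
import ipaddress

def _match_addr(spec, addr):
    """IOS wildcard match: bits set to 1 in the wildcard are 'don't care'."""
    base, wild = (int(ipaddress.IPv4Address(x)) for x in spec)
    return (int(ipaddress.IPv4Address(addr)) | wild) == (base | wild)

def _take_endpoint(tok):
    """Consume 'any' | 'host A' | 'A WILDCARD', then an optional 'eq PORT'."""
    if tok[0] == "any":
        spec, tok = ("0.0.0.0", "255.255.255.255"), tok[1:]
    elif tok[0] == "host":
        spec, tok = (tok[1], "0.0.0.0"), tok[2:]
    else:
        spec, tok = (tok[0], tok[1]), tok[2:]
    port = None
    if tok[:1] == ["eq"]:
        port, tok = int(tok[1]), tok[2:]
    return spec, port, tok

def parse_ace(line):
    tok = line.split()[2:]              # drop 'access-list <number>'
    action, proto, tok = tok[0], tok[1], tok[2:]
    src, sport, tok = _take_endpoint(tok)
    dst, dport, tok = _take_endpoint(tok)
    return action, proto, src, sport, dst, dport

def evaluate(acl, proto, src, sport, dst, dport):
    """First matching entry wins; no match means the implicit deny."""
    for action, a_proto, a_src, a_sport, a_dst, a_dport in map(parse_ace, acl):
        if (a_proto in ("ip", proto)
                and _match_addr(a_src, src) and _match_addr(a_dst, dst)
                and a_sport in (None, sport) and a_dport in (None, dport)):
            return action
    return "deny"

# Constructed sample: 192.0.2.0/24 stands in for the network behind fa0/1.
# ACL_OUT would be applied 'out' on the interface, ACL_IN applied 'in'.
ACL_OUT = ["access-list 101 permit tcp any 192.0.2.0 0.0.0.255 eq 3389",
           "access-list 101 deny ip any any"]
ACL_IN = ["access-list 102 permit tcp 192.0.2.0 0.0.0.255 eq 3389 any",
          "access-list 102 deny ip any any"]
# Same entry written with a PIX-style subnet mask where IOS expects a wildcard.
ACL_PIX_STYLE = ["access-list 103 permit tcp any 192.0.2.0 255.255.255.0 eq 3389"]
```

With the PIX-style mask the entry no longer matches hosts in 192.0.2.0/24; it matches any address whose last octet is 0, so the intended RDP traffic falls through to the implicit deny.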

