Help enable 3389 from DMZ to Inside

Mar 26th, 2010
I'm using Pix 520 rev 4.2

I need to enable a computer in the DMZ RDP access to computers (entire scope) behind the INSIDE interface. How can I do this?

Ex. Machine ( only) in DMZ needs to RDP into Machines (172.16.5.x/21) on the INSIDE network.

BTW: I'm limited to the "Conduit Permit" command

Kureli Sankar Fri, 03/26/2010 - 13:35
User Badges:
  • Cisco Employee

You need static (inside,dmz) netmask

Then you need to allow the DMZ hosts via an ACL to reach the inside hosts on port 3389.


Jennifer Halim Fri, 03/26/2010 - 20:59
User Badges:
  • Cisco Employee

With the static configuration that kusankar advised, here is the conduit configuration:

conduit permit tcp eq 3389 host

Hope that helps.

