Allowing RDP to pass through ZBF

Unanswered Question
Jun 11th, 2010
User Badges:

I am setting up ZBF for a remote office that has a single server that needs to be reachable via the Internet.  So that I can get into the server remotely since it is on a standalone connection from our MPLS network, I have entered the following lines into the router config -

ip access-list extended ACL_RDP

permit tcp any host x.x.x.x eq 3389

class-map type inspect match-all RDP

match access-group name ACL_RDP

policy-map type inspect ccp-policy-ccp-cls--1

  class type inspect RDP


When I type the class type line, I get an error %No specific protocol defined in class RDP for inspections all protocols will be inspected.

Is there a better way to do the allowing of RDP through the firewall ?

Is the error I listed anything to worry about ?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Diego Armando C... Wed, 06/23/2010 - 07:28
User Badges:
  • Bronze, 100 points or more


That messasge is not a problem. But you can specify in your class map a protocol and a port. You could match protocol TCP and port 3389 instead of using the ACL. That way the message log will not appear. But  your current config must be working fine


This Discussion