
need help with RDP access to any host on DMZ from Inside network

deleted fixed

1 REPLY

Re: need help with RDP access to any host on DMZ from Inside net

Hi,

To allow communication from inside to DMZ in this case you use static for the translation:

static (inside,dmz) inside inside netmask 255.255.0.0

And allow the traffic on the ACL:

access-list inside-outbound extended permit tcp any host sftp eq 3389

So, it seems you have the configuration...

If it does not work do the following test:

packet-tracer input inside tcp 1.1.1.1 1025 2.2.2.2 3389

The above will show us if the packets are being dropped by the ASA for some reason.

Assuming 1.1.1.1 is the real IP of the inside host accessing the DMZ host 2.2.2.2.

Federico.
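
As an added example (not part of the reply above and not Cisco code): a small Python helper that reads saved packet-tracer output and reports the first phase whose result is DROP, together with the drop reason. The sample text is constructed, and its Phase/Type/Result and Drop-reason layout is an assumption about how the ASA prints the trace.

```python
import re

# Constructed sample, not captured from a real device. The layout
# (Phase/Type/Result blocks, then Action and Drop-reason) is assumed.
SAMPLE_OUTPUT = """\
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   2.2.2.0   255.255.255.0   dmz

Phase: 2
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:

Result:
input-interface: inside
output-interface: dmz
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""

# One match per phase block: phase number, phase type, phase result.
PHASE_RE = re.compile(r"^Phase: (\d+)\s*\nType: (\S+).*?^Result: (\S+)",
                      re.M | re.S)
REASON_RE = re.compile(r"^Drop-reason: (.+)$", re.M)


def parse_phases(text):
    """Return a list of (phase_number, type, result) tuples in trace order."""
    return [(int(n), ptype, result) for n, ptype, result in PHASE_RE.findall(text)]


def first_drop(text):
    """Return (phase_number, type, drop_reason) for the first DROP, or None."""
    reason = REASON_RE.search(text)
    for number, ptype, result in parse_phases(text):
        if result == "DROP":
            return number, ptype, reason.group(1).strip() if reason else None
    return None


if __name__ == "__main__":
    print(first_drop(SAMPLE_OUTPUT))
```
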
