Cisco Support Community
New Member

PIX 506E Access List Problem

I have a server behind the firewall which, up until a couple of weeks ago, I was able to RDP into (it's a Windows server). Now suddenly I can't, though everything seems to be fine on the server side of things. I know the commands used are old here, but it was set up a while ago by someone else. Could someone confirm that this looks right to pass RDP (TCP port 3389) traffic through?

3 REPLIES
Bronze

Re: PIX 506E Access List Problem

Although you have a conduit configured for RDP, a better approach is to use access lists. You can open port 3389 for RDP using an access list. The following link may help you:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807d287e.shtml

New Member

Re: PIX 506E Access List Problem

I'm far more familiar with access lists, myself, so I don't really know how these conduits work. But you're basically saying I could toss the conduit for RDP and just use an access list (which I've used for this before)? I just don't want to break anything. But if that's what you mean, then couldn't most of those conduits be done through access lists?

Gold

Re: PIX 506E Access List Problem

Hi, yes, please move away from conduit statements to ACLs.

Original Doc from Cisco...

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_field_notice09186a00801d3621.shtml

Command reference on how to convert from conduits to ACLs...

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/c.html#wp1026209

Hope it helps, pls rate posts!
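
The conduit-to-ACL conversion discussed in this thread, as an added example that is not from any of the posters or from Cisco: a small Python converter that rewrites each `conduit` line as the equivalent `access-list` line and appends the `access-group` binding. The ACL name `acl_outside`, the interface name `outside` and all addresses in the sample are assumptions, since the poster's configuration is not shown.

```python
# Added example: PIX 6.x conduit -> access-list; "acl_outside"/"outside" are assumed names.
PORT_OPS = {"eq": 1, "lt": 1, "gt": 1, "neq": 1, "range": 2}

def _take_addr(tok):
    """Consume 'any', 'host <ip>' or '<ip> <mask>' from the token list."""
    if tok and tok[0] == "any":
        return tok[:1], tok[1:]
    if len(tok) < 2:
        raise ValueError("incomplete address")
    return tok[:2], tok[2:]

def _take_port(tok):
    """Consume an optional '<operator> <port> [<port>]' clause."""
    if tok and tok[0] in PORT_OPS:
        n = 1 + PORT_OPS[tok[0]]
        if len(tok) < n:
            raise ValueError("incomplete port clause")
        return tok[:n], tok[n:]
    return [], tok

def conduit_to_acl(line, acl_id="acl_outside"):
    """conduit lists the global (destination) side first; access-list lists the source first."""
    tok = line.split()
    if len(tok) < 5 or tok[0] != "conduit" or tok[1] not in ("permit", "deny"):
        raise ValueError("not a conduit statement: " + line)
    rest = tok[3:]
    dst, rest = _take_addr(rest)
    dport, rest = _take_port(rest)
    src, rest = _take_addr(rest)
    sport, rest = _take_port(rest)
    # Whatever remains (an ICMP type) stays at the end of the line.
    return " ".join(["access-list", acl_id] + tok[1:3] + src + sport + dst + dport + rest)

def convert_config(text, acl_id="acl_outside", interface="outside"):
    """Return ACL lines for every conduit in a config, plus the inbound access-group binding."""
    acl = [conduit_to_acl(l, acl_id) for l in text.splitlines()
           if l.strip().startswith("conduit ")]
    if acl:
        acl.append("access-group %s in interface %s" % (acl_id, interface))
    return acl

# Constructed sample; addresses are documentation ranges, not from the thread.
SAMPLE = """\
static (inside,outside) 192.0.2.10 10.0.0.10 netmask 255.255.255.255 0 0
conduit permit tcp host 192.0.2.10 eq 3389 any
conduit permit tcp host 192.0.2.11 range 8000 8010 198.51.100.0 255.255.255.0
conduit permit icmp any any echo-reply
"""
print("\n".join(convert_config(SAMPLE)))
```

Convert all conduit lines in the same change rather than RDP alone: the PIX 6.3 command reference states that an access list bound with `access-group` overrides conduit statements, and the ACL ends in an implicit deny. The existing `static` translations stay as they are.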
