I need to use PIX only for my Terminal Server with Public IP so that my External Users can access my Terminal Server through Windows XP Remote Desktop. How should I configure PIX 515E to allow only RDP Connection for Terminal Server and block all other traffic?
Adam, I have a PIX 515 and I need to allow an external IP address to access 8 different IP addresses on my internal LAN. The 8 internal IPs are private IPs as well ... so some NAT is involved too.
During a test I added an access-group (ACL) to the outside interface and in doing so was able to connect from outside to inside using RDP (Remote Desktop, MS Term Svcs), BUT between those same two hosts I was UNable to FTP or HTTP. Strange that I could do RDP from an outside host to an inside host but NOT FTP or HTTP. Does the fact that I have FTP and HTTP fixup statements cause this to not work? Not sure. I ask because I read a solution on the web from someone who was able to get H.323 VoIP inbound connections working through a PIX 515, and one of the steps they suggested was to remove the "fixup protocol h323 1720" statement.