Please let me preface this by saying I have not worked deep in networking in years and do not know much about firewalls in general. So please do no assume facts not in evidence.
I have a Cisco ASA 5505 running ASA Ver 8.4 and ASDM Ver 6.4. Firewall mode is set to Routed.
My goal is very simple. I want to allow RDP from the internet to a management server I have setup in my internal network. I know RDP is TCP port 3389. My internal network is a 176.128.1.x network. My external network is on a 126.96.36.199-6 range. The end-client that is initiating the RDP session could be coming in from any IP address on the internet.
I've looked through the GUI to try and determine how to configure this, but for the life of me I can't figure this out. I am looking under Configuration > NAT Rules > +Add This is the screen I get to, I just have no idea what data goes in what fields.
Any and all constructive assistance is appreciated.
Yes this does help. I have an outside IP (42.199102.5) that is dedicated just for the purpose of letting RDP traffic into a single server (188.8.131.52) on my LAN. As such I went with the last option you provided which seems to specificaly allow 3389 in and out. Does this mean I do not need to create an ACL or do I still need to do that?
So far this ASA is setup only to allow traffic out of my internal network and back in. No VPN, or anything else to this point. My next step was enabling RDP access. So, with that said, as far as I know I have not created an ACL yet. Not sure how I would go about that exactly. I will poke around on the system to try and figure it out, but if you (or anyone else) has any pointers they would be appreciated.
As an FYI...while I may be new to this, the IPs I provided are not my real IP addresses. Don't want anyone worrying that I would provide such info on a public forum. :-)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :