Cisco Support Community

New Member

need help with acl for rdp

I am looking to create an ACL to block all traffic except for remote desktop connections to an interface on a Cisco 3640.

The total network is basically a 10.0.0.0 and the network for the interface is 10.101.150.0.

4 REPLIES
Hall of Fame Super Blue

Re: need help with acl for rdp

Hi Adam

It's not clear what you mean by an interface on the router. The following access-list would only allow rdp connections but it's a little difficult to suggest which interface to apply it to and in which direction.

access-list 101 permit tcp any 10.101.150.0 0.0.0.255 eq 3389

access-list 101 deny ip any any

int fa0/0

ip access-group 101 out

This assumes the network 10.101.150.0 is connected to the fa0/0 interface on your router.

The above access-list will only allow traffic sent to a host on 10.101.150.0 network on port 3389. It will block everything else.

HTH

Jon

New Member

Re: need help with acl for rdp

Sorry, I should have been a little more specific. The interface would be FastEthernet 0/1 and I want to limit all inbound and outbound traffic.

New Member

Re: need help with acl for rdp

access-list 110 permit tcp 10.0.0.0 0.255.255.255 10.101.150.0 0.0.0.255 eq 3389

Apply it to the interface.

New Member

Re: need help with acl for rdp

Oops... too much time on the PIX. Those wildcard masks should be reversed: 255.0.0.0, etc.
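
Added example (not part of any post in this thread): IOS extended ACLs on a router such as the 3640 read the value after an address as a wildcard mask, where 1 bits are ignored, while the PIX takes subnet masks. This Python sketch, using hypothetical helper names and constructed test addresses, evaluates the thread's RDP entry written both ways to show what each form actually matches.

```python
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def wildcard_match(addr, base, wildcard):
    """IOS rule: wildcard bits set to 1 are ignored, 0 bits must match."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) & care) == (_ip(base) & care)

def parse_ace(line):
    """Parse 'access-list N permit|deny tcp|ip SRC DST [eq PORT]' (small subset)."""
    tok = line.split()[2:]
    action, proto, rest = tok[0], tok[1], tok[2:]
    def take(t):
        if t[0] == "any":
            return ("0.0.0.0", "255.255.255.255"), t[1:]
        if t[0] == "host":
            return (t[1], "0.0.0.0"), t[2:]
        return (t[0], t[1]), t[2:]
    src, rest = take(rest)
    dst, rest = take(rest)
    port = int(rest[1]) if rest[:1] == ["eq"] else None
    return action, proto, src, dst, port

def evaluate(acl, proto, src, dst, dport):
    """First match wins; every IOS ACL ends with an implicit deny."""
    for line in acl:
        action, p, s, d, port = parse_ace(line)
        if p not in ("ip", proto):
            continue
        if not wildcard_match(src, *s) or not wildcard_match(dst, *d):
            continue
        if port is not None and port != dport:
            continue
        return action
    return "deny"

# The thread's RDP rule with a wildcard mask (what IOS expects).
WILDCARD_ACL = [
    "access-list 101 permit tcp any 10.101.150.0 0.0.0.255 eq 3389",
    "access-list 101 deny ip any any",
]
# The same rule with a subnet mask; IOS still reads it as a wildcard.
SUBNET_STYLE_ACL = [
    "access-list 101 permit tcp any 10.101.150.0 255.255.255.0 eq 3389",
    "access-list 101 deny ip any any",
]
```

With the subnet-style mask the entry no longer covers hosts in 10.101.150.0/24; it matches any destination whose last octet is 0, on any network.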
