1841 with Advanced Security IOS - Firewall questions

TalonKarrde
Level 1

Hi all,

I am setting up a new 1841 router for a customer. We have a few public IP addresses on one range, of which I use one for the Outside interface, and the others are mapped by static NAT to internal IP addresses on the router LAN.

This part works OK, but I can't figure out how to configure access lists or the firewall policy to allow additional traffic to access these static NAT hosts. I have tried putting the whole public subnet as the destination, the individual internet address as the destination and even the private LAN IP as the destination, but none of these methods allows the traffic to work

(e.g. opening 3389 for Terminal Services to any of those destinations from any host does not allow Terminal Services to work).

Can anyone please offer some advice on what I am doing wrong and how I might get this working properly?

Thanks

1 Reply

jackko
Level 7

An inbound ACL should be pointed to the public IP, and the ACL should be applied on the router's public interface.

e.g.

! <public-ip> is a placeholder for the public address of the static NAT host
access-list 111 permit tcp any host <public-ip> eq 3389
int d0
 ip access-group 111 in
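
The reply above, expanded into a fuller configuration as an added example that is not part of the original thread. All addresses are constructed (RFC 5737 documentation ranges and an RFC 1918 LAN), and the interface roles and the restricted source range are assumptions.

```cisco
! Constructed values: 203.0.113.10 = public address, 192.168.1.10 = internal
! Terminal Services host, 198.51.100.0/24 = assumed admin source range.
ip nat inside source static 192.168.1.10 203.0.113.10
!
! Does not match: an inbound ACL on the outside interface is evaluated
! before NAT rewrites the destination, so the packet still carries the
! public address when the ACL sees it.
! access-list 111 permit tcp any host 192.168.1.10 eq 3389
!
! Matches: the destination is the public (inside global) address.
! The source is limited to a known range instead of "any" to keep
! Terminal Services off the open internet.
access-list 111 permit tcp 198.51.100.0 0.0.0.255 host 203.0.113.10 eq 3389
!
! Every ACL ends with an implicit "deny ip any any". Add permits for any
! other inbound traffic that must pass before applying this list.
!
interface FastEthernet0/0
 description Outside (assumed role)
 ip address 203.0.113.2 255.255.255.0
 ip nat outside
 ip access-group 111 in
!
interface FastEthernet0/1
 description LAN (assumed role)
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
```

After a connection attempt, `show access-lists 111` shows whether the permit entry is being hit, and `show ip nat translations` confirms the static mapping.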