New Member

Pix515 and ACL for RDP

Gents,

I have a strange problem. I added an entry to the inINS rules for outbound RDP access, but it doesn't work. Any advice or suggestions?

PIX Version 7.0(5)

The added string is

access-list inINS extended permit tcp 10.30.65.0 255.255.255.0 any eq 3389

My config attached.

Thanks.

  • Other Security Subjects
2 REPLIES

Re: Pix515 and ACL for RDP

Hi .. I am assuming you are trying to access servers on your DMZ from devices on your inside, right? You might want to try adding a nat (0) instruction, i.e.

access-list nonat extended permit tcp 10.30.65.0 255.255.255.0 any eq 3389

nat (inside) 0 access-list nonat

You might also need another one for the dmz interface, i.e.

access-list dmznonat extended permit ip any 10.30.65.0 255.255.255.0

nat (dmz) 0 access-list dmznonat outside

I hope it helps .. please rate it if it does

New Member

Re: Pix515 and ACL for RDP

No, I am trying outgoing RDP from the 10.30.65.0/24 network to the outside.

I rebooted the PIX, all is ok and working.

Why didn't it work before the reload?

All rules are correct.

I tried clearing translations, but that did not help.

clear xlate

clear nat

Any comments?

Thanks.
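
Added example, not part of the original posts and not Cisco code: a small offline checker that parses the access-list lines quoted in this thread and evaluates a flow against them with first-match semantics and the implicit deny. It only covers the syntax shown above (network plus netmask, "any", "host", "eq PORT"), it does not see the attached config, and the function names and the test flows (203.0.113.10 is a documentation address) are assumptions made for illustration.

```python
import ipaddress

# ACL lines quoted from the thread. PIX syntax uses a netmask, not a wildcard mask.
ACL_LINES = [
    "access-list inINS extended permit tcp 10.30.65.0 255.255.255.0 any eq 3389",
    "access-list nonat extended permit tcp 10.30.65.0 255.255.255.0 any eq 3389",
    "access-list dmznonat extended permit ip any 10.30.65.0 255.255.255.0",
]

def _take_addr(tokens):
    """Consume 'any', 'host A.B.C.D' or 'NETWORK NETMASK' from the token list."""
    head = tokens.pop(0)
    if head == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if head == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{head}/{tokens.pop(0)}")

def parse_ace(line):
    """Parse the subset of extended ACE syntax that appears in the thread."""
    t = line.split()
    if len(t) < 7 or t[0] != "access-list" or t[2] != "extended":
        raise ValueError(f"unsupported line: {line!r}")
    rest = t[5:]
    ace = {"name": t[1], "action": t[3], "proto": t[4],
           "src": _take_addr(rest), "dst": _take_addr(rest), "dport": None}
    if rest[:1] == ["eq"] and len(rest) == 2:
        ace["dport"] = int(rest[1])
    elif rest:
        raise ValueError(f"unsupported port clause: {' '.join(rest)!r}")
    return ace

def evaluate(aces, name, proto, src, dst, dport):
    """Return the action of the first matching entry, else the implicit deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for ace in (a for a in aces if a["name"] == name):
        if (ace["proto"] in ("ip", proto) and src in ace["src"]
                and dst in ace["dst"] and ace["dport"] in (None, dport)):
            return ace["action"]
    return "deny"

ACES = [parse_ace(line) for line in ACL_LINES]

if __name__ == "__main__":
    # Constructed flows, not taken from the thread.
    for flow in [("inINS", "tcp", "10.30.65.20", "203.0.113.10", 3389),
                 ("inINS", "tcp", "10.30.65.20", "203.0.113.10", 22),
                 ("inINS", "tcp", "10.30.66.20", "203.0.113.10", 3389)]:
        print(flow, "->", evaluate(ACES, *flow))
```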
