Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Terminal services

HI all ,

well Like you all know to allow access to mail on the firewall , I will only allow or permit port SMTP as it allows access to mail server which is mapped with a public IP. Can any one tell me which Port I have to enable as such to allow Terminal service access only on another server with a Live IP so as to give access from the outside.

Thanx in advance.


  • Other Security Subjects
New Member

Re: Terminal services

Windows Terminal services uses:

TCP 1494 (If using ICA Client - Citrix)

TCP 3389 (If using RDP Client - Microsoft)

Sometimes UDP 1604 for 'Published Applications'

So in PIX commands this would be:

static (inside,outside) OutsideIP InsideIP netmask 0 0

# Create the appropriate ACL for your setup

access-list aclin permit tcp any OutsideIP eq 1494

access-list aclin permit tcp any OutsideIP eq 3389

# Bind the ACL

access-group aclin in interface outside

New Member

Re: Terminal services

Gbbromley ,

Thanx a Lot. I have not yet worked out the above , but am sure will help me out.Thanx again.

Have a nice day.



Re: Terminal services


All you should have to do is map a public IP Address with a static command to an internal private IP Address and then open up the terminal services port like you would for SMTP to that public IP Address. The answer you are looking for is port 3389 is what terminal server uses. See two following commands for a reference:

static (inside,outside) netmask 0 0

conduit permit tcp host eq 3389 any

Hope this works out for you,


This widget could not be displayed.