Terminal services

tauseef · ‎10-17-2001

HI all ,

well Like you all know to allow access to mail on the firewall , I will only allow or permit port SMTP as it allows access to mail server which is mapped with a public IP. Can any one tell me which Port I have to enable as such to allow Terminal service access only on another server with a Live IP so as to give access from the outside.

Thanx in advance.

Tauseef

Tauseef@cadgulf.com

gbbromley · ‎10-18-2001

Windows Terminal services uses:

TCP 1494 (If using ICA Client - Citrix)

TCP 3389 (If using RDP Client - Microsoft)

Sometimes UDP 1604 for 'Published Applications'

So in PIX commands this would be:

static (inside,outside) OutsideIP InsideIP netmask 255.255.255.255 0 0

# Create the appropriate ACL for your setup

access-list aclin permit tcp any OutsideIP 255.255.255.255 eq 1494

access-list aclin permit tcp any OutsideIP 255.255.255.255 eq 3389

# Bind the ACL

access-group aclin in interface outside

tauseef · ‎10-19-2001

Gbbromley ,

Thanx a Lot. I have not yet worked out the above , but am sure will help me out.Thanx again.

Have a nice day.

Bye.

Tauseef

Tauseef@cadgulf.com

hatfieldphilips.com · ‎10-23-2001

Tauseef,

All you should have to do is map a public IP Address with a static command to an internal private IP Address and then open up the terminal services port like you would for SMTP to that public IP Address. The answer you are looking for is port 3389 is what terminal server uses. See two following commands for a reference:

static (inside,outside) netmask 255.255.255.255 0 0

conduit permit tcp host eq 3389 any

Hope this works out for you,

Brian

bshaw@hatfieldphilips.com