Hi all, can someone please help me? I am able to authenticate RDP and all other kinds of traffic with the help of virtual HTTP and virtual Telnet from inside to outside, but I am unable to achieve the same from outside to inside.
interface Ethernet0
 no shutdown
 nameif outside
 ip address 1.1.1.1 255.255.255.0
interface Ethernet1
 no shutdown
 nameif inside
 ip address 10.1.1.1 255.255.255.0
The ACS server is on 10.1.1.3 and the RDP server is on 10.1.1.2.
The host is connected on the outside with 1.1.1.2.
aaa-server cisco protocol tacacs+
aaa-server cisco (inside) host 10.1.1.3
 key cisco
static (inside,outside) 1.1.1.3 10.1.1.2 netmask 255.255.255.255
access-list 101 permit tcp any host 1.1.1.3 eq 3389
access-list 101 permit tcp any host 1.1.1.4 eq 80
access-list 101 permit tcp any host 1.1.1.5 eq 23
access-group 101 in interface outside
virtual-telnet 1.1.1.5
virtual-http 1.1.1.4
When I try to telnet or do HTTP to these virtual IPs, I am not getting triggered for authentication. What could be the problem? So I have to do a static NAT for the virtual HTTP and virtual Telnet servers.
What am I missing? Can someone please help me?
On the ACS server I have also permitted HTTP to 1.1.1.4 and Telnet to 1.1.1.5.
Please, urgent help required.
regards
sebastan