Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Deny RDP traffice on PIX

Good day CSC,

I am trying to configure an acl to deny rdp traffic on one of our server which has a static nat from one of our public IP. How can I configure it without dropping all other traffic? Will these configuration do it?


access-list (acl name) deny tcp any host (Public IP of server) eq 3389

access-list (acl name) permit ip any any

access-group (acl name) in interface outside



Attached also is the sanitized configuration of the PIX firewall so anyone can see what is configured in it.


Thanks in advance for all your help and replies :)

Everyone's tags (1)
New Member

access list seems ok but dont

access list seems ok but dont see any reason to add the IP any any rule on the outside interface.


New Member

Coz of the implicit deny?

Coz of the implicit deny?

New Member

you will always want to block

you will always want to block any request coming from outside other the ones you allowing.

CreatePlease login to create content