There are 9 remote & 1 central locations in our network. As you know, these routers have an ADSL port as a WAN interface. We already configured all of these 877 routers via SDM. Basic firewall was enabled in this config. And we permitted port 3389 for remote desktop connection in NAT on the central router. Remote locations cannot connect to the internet. They only connect to the central office (p2p) to run an application in the central office.
But when we enable the basic firewall in this configuration, the other locations cannot connect to the central office to run the application.
1. How can remote locations connect to the central office while the basic firewall is enabled?
2. How can we protect the central office router from ping, telnet, etc.?
Please confirm you enabled the UDP port of 3389.
1) Yes, it depends on the configuration of what traffic to allow.
2) Just blocking the unwanted traffic, or allowing only the application you want, is fine. So in this case, if you only allow remote desktop, it already prevents traffic other than remote desktop from passing through.
The first ACL is used to allow telnet traffic, the second ACL is used to deny all traffic except the list above this command.
Moreover, if you want to add an entry to a configured ACL in the router, you had better copy the whole ACL into Notepad and edit it there, then remove the ACL from the router with "no access-list 101", then copy the whole ACL from Notepad back to the router. Moreover, the ACL will be scanned by the router one-by-one in sequence, so be sure to put the "deny ip any any" last; otherwise, it will block the traffic which is listed below this command.
Please let us know if there is any issue.
Or please list what traffic you want to allow or filter, then I will try to help. You can read the links above to understand how to configure ACL first.
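The ordering rule from the reply above (entries are scanned in sequence, so "deny ip any any" must come last) can be checked offline before pasting an edited ACL back into the router. This is an added example, not part of the thread or any Cisco tool: the addresses, the `BROKEN`/`FIXED` lists and the function names are constructed for illustration, and the parser only understands a small subset of numbered extended ACL syntax (`any`, `host`, address plus wildcard, `eq <port>`).

```python
import ipaddress

PORTS = {"telnet": 23}          # the only named port this sketch understands
ANY = 0xFFFFFFFF                # wildcard mask meaning "match every address"

def _addr(tok):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD' -> (base, wildcard)."""
    t = tok.pop(0)
    if t == "any":
        return 0, ANY
    if t == "host":
        return int(ipaddress.IPv4Address(tok.pop(0))), 0
    return int(ipaddress.IPv4Address(t)), int(ipaddress.IPv4Address(tok.pop(0)))

def parse(line):
    tok = line.split()[2:]      # drop "access-list <number>"
    action, proto = tok.pop(0), tok.pop(0)
    src, dst = _addr(tok), _addr(tok)
    port = int(PORTS.get(tok[1], tok[1])) if tok[:1] == ["eq"] else None
    return dict(action=action, proto=proto, src=src, dst=dst, port=port)

def _hit(spec, ip):
    base, wild = spec           # wildcard bits set to 1 are "don't care"
    return (int(ipaddress.IPv4Address(ip)) | wild) == (base | wild)

def evaluate(lines, proto, src, dst, port=None):
    """Return the action of the first matching entry, as the router would."""
    for ace in map(parse, lines):
        if ace["proto"] not in ("ip", proto):
            continue
        if not (_hit(ace["src"], src) and _hit(ace["dst"], dst)):
            continue
        if ace["port"] is not None and ace["port"] != port:
            continue
        return ace["action"]
    return "deny"               # implicit deny at the end of every ACL

def shadowed(lines):
    """Entries placed after 'deny ip any any', which can never match."""
    for i, ace in enumerate(map(parse, lines)):
        if (ace["action"], ace["proto"], ace["src"][1], ace["dst"][1]) == ("deny", "ip", ANY, ANY):
            return lines[i + 1:]
    return []

# Constructed sample ACL 101 (addresses are made up for illustration).
BROKEN = ["access-list 101 permit tcp 10.1.1.0 0.0.0.255 any eq telnet",
          "access-list 101 deny ip any any",
          "access-list 101 permit tcp any host 10.0.0.10 eq 3389"]
FIXED = [BROKEN[0], BROKEN[2], BROKEN[1]]   # explicit deny moved to the end
```

With `BROKEN`, a remote-desktop connection to 10.0.0.10 is denied because the permit sits below the explicit deny; with `FIXED` it is permitted while ping (ICMP) is still dropped.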