Solved

configuring pix to allow terminal server from outside

Posted on 2007-11-30
6
236 Views
Last Modified: 2010-04-21
I have a new Pix 506e I have set up at a customer with 1 IP address how do I set it up so we can connect to the terminal server from the outside?  the Ip of the server is 192.168.1.200.

I have done this on a  pix with multiple IP addresses, but not on one with just one IP  please help!
0
Comment
Question by:mturnow
  • 4
  • 2
6 Comments
 
LVL 28

Accepted Solution

by:
batry_boy earned 500 total points
ID: 20386429
Since you have only the one public IP address, which is presumably used on the outside PIX interface, here's how to do it:

static (inside,outside) tcp interface 3389 192.168.1.200 3389 netmask 255.255.255.255
access-list outside_access_in permit tcp any interface outside eq 3389
access-group outside_access_in in interface outside

This allows any Internet host to RDP into that machine, so I would specify individual source IP addresses for that access list for security reasons if you know what they are.
0
 

Author Comment

by:mturnow
ID: 20386453
what do you mean by:

so I would specify individual source IP addresses for that access list for security reasons if you know what they are
0
 
LVL 28

Expert Comment

by:batry_boy
ID: 20386582
Well, if the people that you want to be able to access the server via a remote desktop connection have a known public static IP address, then you would find out what that is and then structure your access list using only the static IP address for those users.  For example, if you had an external user that had 1.1.1.1 as a static public IP address, then you would use the following access list statement to only allow that source IP address (1.1.1.1) to access that server via remote desktop:

access-list outside_access_in permit tcp host 1.1.1.1 interface outside eq 3389

You would then put in one of those statements like above for every user that had a static public address.  This may not be feasible for your situation since the users you want to have access the server may not have static public IP addresses.  Make sense?
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:mturnow
ID: 20388053
Yep makes sense.  I will give this a try Monday morning.  
0
 

Author Comment

by:mturnow
ID: 20395908
did not work, gave me an error
0
 

Author Closing Comment

by:mturnow
ID: 31412062
nevermind i retried and it worked beautifully
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco AP to get ip from DHCP 10 99
unable to set full duplex 100 on WAN interface 11 64
Cisco ASA blocks some https sites. 27 46
VoIP Polycom Phones not working 30 24
How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question