ASA 5505 Rule Config

Hi guys

I'm trying to configure a rule that would allow RDP (port 3389) through the firewall from only one site (using its public IP).

Any help configuring this would be greatly appreciated.

Thanks
CProp Asked:
Steven Carnahan, Network Manager, Commented:
Taken from http://www.tech21century.com/configure-cisco-asa-5505-to-allow-remote-desktop-access-from-internet/

ASA version 8.3 and later


NOTE: Notice that in version 8.3 we reference the real IP address (192.168.1.10) in the access-list and not the mapped IP.

 
ciscoasa(config)# object network RDP_static
ciscoasa(config-network-object)# host 192.168.1.10
ciscoasa(config-network-object)# nat (inside,outside) static interface service tcp 3389 3389
ciscoasa(config)# access-list OUTSIDE-IN extended permit tcp <specific IP you want to permit> host 192.168.1.10 eq 3389
ciscoasa(config)# access-group OUTSIDE-IN in interface outside

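As an added example (not part of the original answers or the linked article), here is the 8.3+ configuration from the answer above with the source restricted to one site, shown beside the overly broad rule it should replace, followed by commands to check the result. The addresses 203.0.113.10, 203.0.113.99 and 198.51.100.2 and the object name REMOTE_SITE are constructed placeholders.

```cisco
! Added example. Constructed values (assumptions, documentation ranges):
!   203.0.113.10  = public IP of the one remote site allowed to use RDP
!   203.0.113.99  = some other Internet host, used only for the negative test
!   198.51.100.2  = IP address of the ASA outside interface
!   REMOTE_SITE   = hypothetical object name
!
! Too broad: every Internet host can reach RDP on the server.
!   access-list OUTSIDE-IN extended permit tcp any host 192.168.1.10 eq 3389
!
! Restricted: only the remote site's public IP matches the permit line.
object network REMOTE_SITE
 host 203.0.113.10
object network RDP_static
 host 192.168.1.10
 nat (inside,outside) static interface service tcp 3389 3389
access-list OUTSIDE-IN extended permit tcp object REMOTE_SITE host 192.168.1.10 eq 3389
!
! Only one ACL can be bound per interface and direction. If an inbound ACL
! is already applied to outside, add the permit line to that ACL instead of
! binding a new one with the command below.
access-group OUTSIDE-IN in interface outside
!
! Checks, run from privileged EXEC. The ACL matches the real IP
! (192.168.1.10), but packet-tracer takes the destination the packet
! arrives with, which is the outside interface address.
!
! Simulate a connection from the permitted site:
packet-tracer input outside tcp 203.0.113.10 12345 198.51.100.2 3389
! Simulate a connection from a source that no permit line matches:
packet-tracer input outside tcp 203.0.113.99 12345 198.51.100.2 3389
! Review the hit counter on the permit line and the NAT rule:
show access-list OUTSIDE-IN
show nat detail
```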
 
lloydclinton Commented:
If you have an ASA, a more secure way would be to turn on the SSL VPN and create a shortcut to the RDP server.
Question has a verified solution.