Link to home
Create AccountLog in
Avatar of ltwilliams
ltwilliams

asked on

Cisco firewall port forwarding

I am trying to set up a port forward on a cisco isa550 firewall. I am wanting to forward port 3390 to an internal IP address. I have set up the port forward and ACL in the firewall, but every time I try to remote in with Remote Desktop it does not work. It will work from within the the network by typing the internal IP address instead of the wan address. Any ideas?
ASKER CERTIFIED SOLUTION
Avatar of David Akinsanya
David Akinsanya
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of ltwilliams
ltwilliams

ASKER

So you are saying dont put anything in port forwarding, use static nat?
Looks like you are using ASDM

I use command line as that gives me a lot more control. You can use that, I guess. To be safe, turn on the feature that lets you view cli commands before delivering it to the device. I believe that is in preferences somewhere.

The idea is to identify source IP address and port. You can specify any for both. Identify the destination port 3390. Them specify the IP or host name of computer you're forwarding to.

To access the PC on that port, you may need to specify the port after the public IP. Generally, RDP will append :3389 for RDP communications when not specified. Eg
10.10.10.10:3390

Verify that RDP traffic is permitted on your firewall (ASA) and the firewall of the destination pc (if firewall is enabled there)

Lastly, make sure to turn on RDP feature on the destination PC and the user you are logging on as is allowed (if 'everyone' is not granted access)
Can you post your config?