10-07-2015 11:07 AM - edited 03-11-2019 11:42 PM
I would like to allow RDP in from only a specified IP. Right now RDP is not allowed from any IP, but SSH is allowed in
FastEthernet 0/0 is my WAN interface
interface FastEthernet0/0
ip address dhcp
ip access-group Block_Stuff in
!
ip nat inside source static tcp LANIP 80 FastEthernet0/0 80 extendable
ip nat inside source static tcp LANIP 3389 FastEthernet0/0 3389 extendable
!
ip access-list extended Block_Stuff
permit tcp any WANBlock 0.0.0.7 eq 22
permit tcp host SpecifiedIP eq 3389 host FastEthernet0/0 eq 3389
deny tcp any any eq 22
deny tcp any any eq 3389
permit ip any any
Solved! Go to Solution.
10-07-2015 11:46 AM
Change this line -
"permit tcp host SpecifiedIP eq 3389 host FastEthernet0/0 eq 3389"
to this -
"permit tcp host SpecifiedIP host <public IP on interface> eq 3389"
Jon
10-07-2015 11:16 AM
This is an 1841 router running 12.4(15)
10-07-2015 11:46 AM
Change this line -
"permit tcp host SpecifiedIP eq 3389 host FastEthernet0/0 eq 3389"
to this -
"permit tcp host SpecifiedIP host <public IP on interface> eq 3389"
Jon
10-07-2015 01:13 PM
That worked thanks,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide