I know there are really a lot of topics about RDP and config on a asa 5506-x
But i try them almost all.
I want to setup a RDP gateway from a ip of a server in a data center back to the office.
Don't want RDP open voor the compleet world only from the ip of the server in the data center so that only users with a DC account on the data sever in the data center can use it.
No account no RDP back home.
But im compleet stuck i do a tracert from the data center back home it stops on the first hope that is normaly the gateway so that is oke but then the asa and can't conect with rdp
Provider has no ports blockt and the asa outside is in bridge mode (Vlan998)
And no windows firewalls close.
I know i do something rong on the asa but can not see it.
Config asa 3 lines also 3 separate vlans outside and 5 Vlans on the inside
Rdp from data center to vlan 998 then inside to a server in vlan 45
If somebody can point me in the right derection
so how does the DC connect to your FW? over the internet? in which case are you using a VPN?
Hi Dennis thx for respone.
The servers in the data centers have there own DC.and is a sub office
The RDP server there has his own internet so want to connect the office domein with rdp on port 3389.
Annyconct we use only to admin the servers basic and conect from home
rdp server is 81.xx.xx.xx
Fw is 62.xx.xx.xx with vlan 998
Still dont fully understand the setup, but it looks like you could do a simple static NAT/port forward on port 3389 for RDP and use an access list to allow only the public IP address of the trusted source to connect on RDP inbound.
nat (VLAN998,VLAN45) source static OBJ-STRATO OBJ-STRATO destination static OBJ-NET-HOST-10.10.45.107 OBJ-NET-HOST-10.10.45.107 service OBJ-SRV-TCP-3389 OBJ-SRV-TCP-3389
access-list RDP extended permit tcp any host 10.10.45.107 eq 3389
Hi Dennis thx
Both are already in the config eff put it for test to any
But eff then it runs dead