
ASA5510 not allowing RDP connections

Quintin.Mayo
Level 3

We are trying to configure an IPsec VPN with a vendor. They are using a Palo Alto firewall. The tunnel is up and online but we are unable to RDP to some devices on our network from their side. We have four devices in the 172.x.x.x range. Can someone provide a configuration example that would allow RDP connections from the devices? I'm new to ASA and any assistance would be appreciated.


Hello @Quintin.Mayo

Ideally we should see your firewall config. Allowing traffic alone may not be enough.

But, to start:

 

access-list OUTSIDE-IN extended permit tcp "Origin" "Dest" eq 3389

access-group OUTSIDE-IN in interface outside

You say that it does not work for some devices, does that mean that there are some devices that this does work for?

It would help to see your full configuration (sanitized).

Assuming that the VPN configuration is correct, then this is either an issue that the server is not listening for RDP or, and I am leaning towards this next possibility, Palo Alto has two routes through different interfaces back to the ASA and is sending return traffic through the wrong interface. In other words, a configuration fault on the Palo Alto side. I have had this issue previously and it took a long time until the Palo Alto admins admitted there was an issue at their end.

--
Please remember to select a correct answer and rate helpful posts
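An added example, not taken from either reply or from the poster's configuration: the ACL from the first reply narrowed to named sources and targets, followed by the show commands that help separate an ASA policy problem from the return-path problem raised in the second reply. Every value in angle brackets and both object-group names are placeholders, because the thread gives no addresses.

```text
! Placeholders only: replace each <...> with the real address.
object-group network VENDOR-RDP-SOURCES
 network-object <vendor-subnet> <vendor-netmask>
object-group network RDP-TARGETS
 network-object host <rdp-host-1>
 network-object host <rdp-host-2>
 network-object host <rdp-host-3>
 network-object host <rdp-host-4>
!
! Permit RDP only from the vendor sources to the four targets.
access-list OUTSIDE-IN extended permit tcp object-group VENDOR-RDP-SOURCES object-group RDP-TARGETS eq 3389
access-group OUTSIDE-IN in interface outside
!
! With the default "sysopt connection permit-vpn", decrypted tunnel
! traffic bypasses interface ACLs, so check which mode is active.
show running-config all sysopt
!
! Hit counters show whether the permit line is being matched at all.
show access-list OUTSIDE-IN
!
! Simulate the reply packet from one target back to a vendor host to see
! whether it is exempted from NAT and selected for encryption.
packet-tracer input inside tcp <rdp-host-1> 3389 <vendor-host> 50000 detailed
!
! Compare "pkts decaps" and "pkts encaps" for the vendor peer during a
! failed RDP attempt: if both rise, traffic is leaving the ASA in both
! directions and the far side's return path is the next thing to check.
show crypto ipsec sa peer <vendor-peer-ip>
```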