Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
2
Replies

Help enable 3389 from DMZ to Inside

awhadmin
Level 1
Level 1

‎03-26-2010 10:29 AM - edited ‎03-11-2019 10:26 AM

I'm using Pix 520 rev 4.2

I need to enable a computer in the DMZ RDP access to computers (entire scope) behind the INSIDE interface. How can i do this?

Ex. Machine (192.168.4.5/24 only) in DMZ needs to RDP into Machines (172.16.5.x/21) on the INSIDE network.

BTW: I'm limited to the "Conduit Permit" command

Labels:
0 Helpful
2 Replies 2

Kureli Sankar
Cisco Employee
Cisco Employee

‎03-26-2010 01:35 PM

You need static (inside,dmz) 172.16.5.0 172.16.5.0 netmask 255.255.248.0

Then you need to allow the DMZ hosts via an ACL to reach the inside hosts on port 3389.

-KS

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee

‎03-26-2010 08:59 PM

With the static configuration that kusankar advise, here is the conduit configuration:

conduit permit tcp 172.16.5.0 255.255.248.0 eq 3389 host 192.168.4.5

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card