cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1220
Views
0
Helpful
1
Replies

need help with RDP access to any host on DMZ from Inside network

nssaustin
Level 1
Level 1
1 Reply 1

Hi,

To allow communication from inside to DMZ in this case you use static for the translation:

static (inside,dmz) inside inside netmask 255.255.0.0

And allow the traffic on the ACL:

access-list inside-outbound extended permit tcp any host sftp eq 3389

So, it seems you have the configuration...

If it does not work do the following test:

packet-tracer input inside tcp 1.1.1.1 1025 2.2.2.2 3389

The above will show us if the packets are being dropped by the ASA for some reason.

Assuming 1.1.1.1 is the real IP of the inside host accesing the DMZ host 2.2.2.2

Federico.

Review Cisco Networking for a $25 gift card