cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1681
Views
0
Helpful
6
Replies

not able to access port 3389 over vpn

martinipenburg
Level 1
Level 1

we are not able to access port 3389 on host 10.45.4.2 over our vpn connection. vpn is up and running and we can access othet tcp ports on the host but not 3389. hereunder part of the config:

ip http server
no ip http secure-server
ip nat inside source route-map SDM_RMAP_1 interface BVI1 overload
ip nat inside source static tcp 10.45.4.2 18330 94.229.51.184 18330 route-map SDM_RMAP_2 extendable
ip nat inside source static tcp 10.45.4.1 3389 213.148.231.156 3389 extendable
ip nat inside source static tcp 10.45.4.1 5800 213.148.231.156 5800 extendable
ip nat inside source static tcp 10.45.4.1 5900 213.148.231.156 5900 extendable
!
access-list 1 remark SDM_ACL Category=16
access-list 1 permit 10.45.4.0 0.0.0.255
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.45.4.0 0.0.0.255 10.45.1.0 0.0.0.255
access-list 101 remark SDM_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny   ip 10.45.4.0 0.0.0.255 10.45.1.0 0.0.0.255
access-list 101 permit ip 10.45.4.0 0.0.0.255 any
access-list 102 deny   ip host 10.45.4.2 10.45.1.0 0.0.0.255
access-list 102 permit ip host 10.45.4.2 any
route-map SDM_RMAP_1 permit 1
match ip address 101
!
route-map SDM_RMAP_2 permit 1
match ip address 102
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip

any help?

1 Accepted Solution

Accepted Solutions

Hello,

I am glad that it is working, I know we didnt do anything, but people get here to find an answer. Since your issue was related to the computer, can you make this question as answered so other people can see that it was a computer problem? And, would you mind putting a brief description of what you did so other people can use it in case they have an issue?

Mike.

Mike

View solution in original post

6 Replies 6

Maykol Rojas
Cisco Employee
Cisco Employee

Hello,

Can you start wireshark on the host 10.45.4.2 and see if you receive port 3389?

Mike.

Mike

Hi Mike,

as far as i can see thrue wireshark packets at port 3389 are not received.

Martin

What type of VPN do you have? Is it a lan to lan? If so, can you send the configuration from both devices?

Mike

Hi Mike,

we found the cause of the problem on the windows computer, it was not related to the router/vpn. sorry for confusion and thank you for your help.

martin

Hello,

I am glad that it is working, I know we didnt do anything, but people get here to find an answer. Since your issue was related to the computer, can you make this question as answered so other people can see that it was a computer problem? And, would you mind putting a brief description of what you did so other people can use it in case they have an issue?

Mike.

Mike

problem was not caused by cisco device but by windows application winconnect which is a kind of terminal server applica

tion and which blocked port 3389.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: