
RDP from inside to dmz issue

Muhammad.Eissa
Level 1

Hello,

I have an issue; I have read a lot about it but I am still not sure what action to take.

I have a client who wants to access a server in the DMZ using RDP, but it is so, so slow to connect; it takes up to 5/10 minutes to connect and sometimes it fails.

***********************************************************************************************************************************************

access-list acl-dmz-servers-in extended permit object-group webapp-ad object webapp-2 object 172.16.30.2:3
access-list acl-dmz-servers-in extended permit object-group webapp-ksql object webapp-2 object 172.16.30.6:8
access-list acl-dmz-servers-in extended permit object-group webapp-sql object webapp-2 object 172.16.30.18
access-list acl-dmz-servers-in extended deny ip any object inside-172.16.0.0-16
access-list acl-dmz-servers-in extended deny ip any object inside-10.1.0.0-16
access-list acl-dmz-servers-in extended permit ip any any

***********************************************************************************************************************************************


access-group acl-outside-in in interface outside
access-group acl-dmz-in in interface dmz
access-group acl-dmz-servers-in in interface dmz-servers
***********************************************************************************************************************************************

This is the access-list and access-group.

dmz security level 50

inside security level 100

outside 0

I allow any at the end of the DMZ access-list to allow them to connect to the internet.

Note: all traffic passes through the IPS, but that is not the issue, as when I remove the ACL everything goes back to normal.

When I remove all the access-lists everything works normally and the client can access the server from inside to DMZ without any issue; the issue happens only when I apply the access-list.

Best Regards,
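Because `acl-dmz-servers-in` is applied inbound on `dmz-servers`, it is evaluated top-down for connections the DMZ servers initiate. The sketch below is an added example, not part of the original post, that reports which entry a given server-initiated flow matches first. The address of `webapp-2`, the contents of the service object-groups, the host lists behind the destination objects and the sample flows are all assumptions, since the post does not show the object definitions.

```python
import ipaddress

# Assumed object definitions (not shown in the post; constructed for illustration).
WEBAPP_2 = "192.0.2.10/32"  # hypothetical address of object webapp-2
SVC = {  # hypothetical contents of the service object-groups
    "webapp-ad": {("tcp", 389), ("tcp", 88), ("udp", 53)},
    "webapp-ksql": {("tcp", 1433)},
    "webapp-sql": {("tcp", 1433)},
}

# acl-dmz-servers-in in posted order: (action, service group or None for "ip", source, destinations)
ACL = [
    ("permit", "webapp-ad", WEBAPP_2, ["172.16.30.2/32", "172.16.30.3/32"]),    # assumed hosts
    ("permit", "webapp-ksql", WEBAPP_2, ["172.16.30.6/32", "172.16.30.8/32"]),  # assumed hosts
    ("permit", "webapp-sql", WEBAPP_2, ["172.16.30.18/32"]),
    ("deny", None, "0.0.0.0/0", ["172.16.0.0/16"]),   # object inside-172.16.0.0-16
    ("deny", None, "0.0.0.0/0", ["10.1.0.0/16"]),     # object inside-10.1.0.0-16
    ("permit", None, "0.0.0.0/0", ["0.0.0.0/0"]),     # permit ip any any
]


def first_match(proto, src, dst, dport):
    """Return (entry number, action) of the first entry the new connection matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for n, (action, svc, src_net, dst_nets) in enumerate(ACL, 1):
        if svc is not None and (proto, dport) not in SVC[svc]:
            continue  # protocol/port is not in this entry's service group
        if s not in ipaddress.ip_network(src_net):
            continue
        if any(d in ipaddress.ip_network(net) for net in dst_nets):
            return n, action
    return None, "deny"  # implicit deny that ends every ACL


if __name__ == "__main__":
    # Constructed flows, all initiated by the DMZ server.
    flows = [
        ("tcp", "192.0.2.10", "172.16.30.18", 1433),  # explicitly permitted SQL host
        ("udp", "192.0.2.10", "10.1.0.5", 53),        # inside host with no permit entry
        ("tcp", "192.0.2.10", "172.16.30.2", 445),    # permitted host, port outside the group
        ("tcp", "192.0.2.10", "198.51.100.7", 443),   # internet destination
    ]
    for f in flows:
        print(f, "->", first_match(*f))
```

On the ASA itself, `packet-tracer` reports the matching entry for a flow against the live configuration and real object definitions.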


ankojha
Level 3

Hi,

Could you share which ACL you are removing, after which the traffic works fine?

After removing the ACL, does the traffic redirection to the IPS also stop?

Can you confirm, when the traffic works, is it going through the IPS or is it bypassed?

Thanks,

Ankita
