First, let me draw a diagram:
server---Router 2691---LAN
I need to apply access lists to this router that will allow anything inside to access the server entirely, but limit the ports that the server can access, such as terminal server. I created an access list with the ports that I wanted to allow in, such as this:
access-list 101 permit tcp 10.69.69.0 0.0.0.255 any eq 3389 log
and ended the access list with deny ip any any. When I am on the server I can use terminal server no problem, but if I try to connect to the terminal server that is on the outside server from inside, it does not work. It seems to change the destination port and therefore gets blocked by the ACL. Is this what is happening?
access-list dmz-in denied tcp 10.69.69.20(3389) -> 10.20.14.69(1397), 1 packe
Thanks
Dave
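
Added example, not part of the original post: a small Python model of first-match extended-ACL evaluation, run against the deny log line above, showing that an entry written as "any eq 3389" tests the destination port while the logged packet carries 3389 as its source port. The second ACL's source-port "established" entry and the ACK flag on the packet are assumptions, since the log line shows neither.

```python
import ipaddress
import re

# Log line from the post (its truncated tail omitted).
LOG = "access-list dmz-in denied tcp 10.69.69.20(3389) -> 10.20.14.69(1397)"

def parse_log(line):
    """Extract protocol, addresses and ports from an ACL deny log line."""
    m = re.search(r"denied (\w+) ([\d.]+)\((\d+)\) -> ([\d.]+)\((\d+)\)", line)
    proto, src, sport, dst, dport = m.groups()
    return {"proto": proto, "src": src, "sport": int(sport),
            "dst": dst, "dport": int(dport), "ack": True}  # assumed: a reply carries ACK

def in_net(addr, net):
    """True if addr falls inside net, where net is a CIDR string or 'any'."""
    return net == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def evaluate(acl, pkt):
    """First-match evaluation; every field an entry names must match."""
    for e in acl:
        if (e["proto"] in ("ip", pkt["proto"])
                and in_net(pkt["src"], e["src"]) and in_net(pkt["dst"], e["dst"])
                and e.get("sport") in (None, pkt["sport"])
                and e.get("dport") in (None, pkt["dport"])
                and (not e.get("established") or pkt["ack"])):
            return e["action"]
    return "deny"  # implicit deny at the end of every ACL

DENY_ALL = {"action": "deny", "proto": "ip", "src": "any", "dst": "any"}

# The ACL as posted: 3389 is tested as the *destination* port.
POSTED = [{"action": "permit", "proto": "tcp", "src": "10.69.69.0/24",
           "dst": "any", "dport": 3389}, DENY_ALL]

# Assumed extra entry: permit tcp 10.69.69.0 0.0.0.255 eq 3389 any established
WITH_REPLY = [POSTED[0],
              {"action": "permit", "proto": "tcp", "src": "10.69.69.0/24",
               "dst": "any", "sport": 3389, "established": True}, DENY_ALL]

def demo():
    """Return the verdict for the logged packet under each ACL."""
    pkt = parse_log(LOG)
    return evaluate(POSTED, pkt), evaluate(WITH_REPLY, pkt)

if __name__ == "__main__":
    print(demo())
```

The "established" condition keeps the source-port entry from permitting a new connection that the server opens from port 3389, because a first SYN carries no ACK.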