Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
567
Views
5
Helpful
3
Replies

Deny RDP traffice on PIX

simonator
Level 1
Level 1

‎03-16-2014 11:56 PM - edited ‎02-21-2020 05:07 AM

Good day CSC,

I am trying to configure an acl to deny rdp traffic on one of our server which has a static nat from one of our public IP. How can I configure it without dropping all other traffic? Will these configuration do it?

 

access-list (acl name) deny tcp any host (Public IP of server) eq 3389

access-list (acl name) permit ip any any

access-group (acl name) in interface outside

 

 

Attached also is the sanitized configuration of the PIX firewall so anyone can see what is configured in it.

 

Thanks in advance for all your help and replies :)

Preview file
5 KB
0 Helpful
3 Replies 3

pmahesh01
Level 1
Level 1

‎03-17-2014 01:09 AM

access list seems ok but dont see any reason to add the IP any any rule on the outside interface.

 

0 Helpful

simonator
Level 1
Level 1
In response to pmahesh01

‎03-17-2014 01:18 AM

Coz of the implicit deny?

0 Helpful

pmahesh01
Level 1
Level 1
In response to simonator

‎03-17-2014 01:54 AM

you will always want to block any request coming from outside other the ones you allowing.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card