cannot conenct rdp to server via RDP whilst connected via vpn

James Simpson · ‎10-05-2016

Hi All

I am trying to RDP to a server in my DMZ whilst connect via client vpn. My IP address is 172.35.0.113

Vpn pool : 172.35.0.0/24

I created the following objects

object network MLDASWeb-DEV01
host 10.10.10.13

object network MLDASWeb-UAT01
host 10.10.10.14

object network MLDASWeb-PROD01
host 10.10.10.15

object-group network DAS_BOXES
description TRAPEZE_DAS_BOXES
object network MLDASWeb-DEV01
object network MLDASWeb-UAT01
object network MLDASWeb-PROD01

here is the access list rule

access-list RemoteUsers remark allow remote users access to the DAS Boxes
access-list RemoteUsers extended permit ip object NETWORK_OBJ_172.35.0.0_24 object-group DAS_BOXES

It is the connection refused box that comes up no prompt

Ive checked the asdm logs and there is nothing for the RDP port from my address

Is it that I need a no nat statement, or something else ?

Many thanks

Georg Pauwen · ‎10-06-2016

James,

as far as I know, you need an object group service for RDP and apply it to the access list:

--> object-group service RDP tcp

--> port-object eq 3389

--> access-list RemoteUsers extended permit ip object NETWORK_OBJ_172.35.0.0_24 object-group RDP

James Simpson · ‎10-07-2016

Hi All sorted thanks it was standard access list that was needed on another access-list

Georg Pauwen · ‎10-07-2016

James,

glad to know that you got it figured out !