10-05-2016 01:17 PM
Hi All
I am trying to RDP to a server in my DMZ whilst connected via client VPN. My IP address is 172.35.0.113.
VPN pool: 172.35.0.0/24
I created the following objects:
object network MLDASWeb-DEV01
 host 10.10.10.13
object network MLDASWeb-UAT01
 host 10.10.10.14
object network MLDASWeb-PROD01
 host 10.10.10.15
object-group network DAS_BOXES
 description TRAPEZE_DAS_BOXES
 object network MLDASWeb-DEV01
 object network MLDASWeb-UAT01
 object network MLDASWeb-PROD01
Here is the access list rule:
access-list RemoteUsers remark allow remote users access to the DAS Boxes
access-list RemoteUsers extended permit ip object NETWORK_OBJ_172.35.0.0_24 object-group DAS_BOXES
It is the connection refused box that comes up, no prompt.
I've checked the ASDM logs and there is nothing for the RDP port from my address.
Is it that I need a no nat statement, or something else?
Many thanks
10-06-2016 03:22 AM
James,
as far as I know, you need an object group service for RDP and apply it to the access list:
--> object-group service RDP tcp
--> port-object eq 3389
--> access-list RemoteUsers extended permit ip object NETWORK_OBJ_172.35.0.0_24 object-group RDP
10-07-2016 07:35 AM
Hi All, sorted, thanks. It was a standard access list that was needed on another access-list.
10-07-2016 10:23 AM
James,
glad to know that you got it figured out!