Hi,

Before I installed the Cisco 861 I used a simple Linksys router and RDP worked just fine. I just forwarded port 3389 to the servers IP 192.168.0.1 and everything worked, I could log in into the server.

Now I'm trying to set up RDP on a Cisco 861, but..... not working......

My router got a fixed ip though the ISP. Can someone please give me some help ? Thanks in advance !

My routerconfig:

Building configuration...

Current configuration : 9282 bytes

!

! Last configuration change at 07:25:33 PCTime Tue Jan 3 2006 by DVMAdmin

! NVRAM config last updated at 07:25:33 PCTime Tue Jan 3 2006 by DVMAdmin

!

version 15.0

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname administratie01

!

boot-start-marker

boot-end-marker

!

logging buffered 51200

logging console critical

enable secret 5 $1$IqhW$06dr6Y2q7cscIOR5bUsWr1

!

no aaa new-model

memory-size iomem 10

clock timezone PCTime 1

clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00

!

crypto pki trustpoint TP-self-signed-635537874

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-635537874

revocation-check none

rsakeypair TP-self-signed-635537874

!

!

crypto pki certificate chain TP-self-signed-635537874

certificate self-signed 01

  30820254 308201BD A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 36333535 33373837 34301E17 0D303630 31303231 32303034

  345A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F

  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3633 35353337

  38373430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100

  D77176FC D35ED86B 20C86E2E 46003C34 58DDA68D 26D4FEC4 73DAE739 D7BF6E0C

  CF06D14B F1B6664B 67CDE7FD C5EDB66E BBC0184E B96A3A8D 8C8E8BF1 64D6FC61

  961E32D4 42A93E69 A8DEA22E C89E34E5 EFAB44F3 359EC235 96E670B1 CB0B5695

  014FE5D8 FE2740A6 396B9FD7 BB69F048 BA3AEC80 1E74157F 34060078 13D97613

  02030100 01A37E30 7C300F06 03551D13 0101FF04 05300301 01FF3029 0603551D

  11042230 20821E61 646D696E 69737472 61746965 30312E79 6F757264 6F6D6169

  6E2E636F 6D301F06 03551D23 04183016 8014FD97 79FA75CB 647A32B3 0DEFCA16

  07328239 D2ED301D 0603551D 0E041604 14FD9779 FA75CB64 7A32B30D EFCA1607

  328239D2 ED300D06 092A8648 86F70D01 01040500 03818100 46B40985 B9DD44D6

  E83F36F9 6AE91FE4 C2BB5662 4E965E8D 396FC35D F574A71A 88453EC4 201F92CF

  6B177CCC 14E24123 97B16215 6E9CC0A3 76A96360 71C68937 3DA57479 D9F3BB52

  905DE3DB 1BC5C933 D6D089C3 9C592636 A69AF443 34F00B47 77DC58CE C2B7B0E3

  8D02D164 3D4807AE 0B567FF6 849EE77F 28113565 077587DB

            quit

no ip source-route

!

!

!

!

ip cef

no ip bootp server

no ip domain lookup

ip domain name yourdomain.com

!

!

license udi pid CISCO861-K9 sn FCZ1533C0NT

!

!

object-group service RDP

description RDP

tcp-udp eq 3389

tcp-udp source eq 3389

!

object-group service REMOTE_DESKTOP

tcp eq 3389

tcp source eq 3389

!

username DVMAdmin privilege 15 secret 5 $1$NLY2$LhTwKyL5zJ8qhDdGPgnzr0

username admin privilege 15 view root secret 5 $1$DWOC$Q3HI0KDRTd547WqCCIm4o0

!

!

ip tcp synwait-time 10

ip ssh time-out 60

ip ssh authentication-retries 2

!

class-map type inspect match-any SDM_BOOTPC

match access-group name SDM_BOOTPC

class-map type inspect match-any SDM_HTTPS

match access-group name SDM_HTTPS

class-map type inspect match-any SDM_SSH

match access-group name SDM_SSH

class-map type inspect match-any SDM_SHELL

match access-group name SDM_SHELL

class-map type inspect match-any sdm-cls-access

match class-map SDM_HTTPS

match class-map SDM_SSH

match class-map SDM_SHELL

class-map type inspect match-any SDM_DHCP_CLIENT_PT

match class-map SDM_BOOTPC

class-map type inspect match-any ccp-skinny-inspect

match protocol skinny

class-map type inspect match-any sdm-cls-bootps

match protocol bootps

class-map type inspect match-any ccp-cls-insp-traffic

match protocol cuseeme

match protocol dns

match protocol ftp

match protocol https

match protocol icmp

match protocol imap

match protocol pop3

match protocol shell

match protocol realmedia

match protocol rtsp

match protocol smtp

match protocol sql-net

match protocol streamworks

match protocol tftp

match protocol vdolive

match protocol tcp

match protocol udp

class-map type inspect match-all ccp-insp-traffic

match class-map ccp-cls-insp-traffic

class-map type inspect match-any ccp-h323nxg-inspect

match protocol h323-nxg

class-map type inspect match-any ccp-cls-icmp-access

match protocol icmp

match protocol tcp

match protocol udp

class-map type inspect match-any ccp-h225ras-inspect

match protocol h225ras

class-map type inspect match-any ccp-h323annexe-inspect

match protocol h323-annexe

class-map type inspect match-all sdm-access

match class-map sdm-cls-access

match access-group 101

class-map type inspect match-any ccp-h323-inspect

match protocol h323

class-map type inspect match-all ccp-icmp-access

match class-map ccp-cls-icmp-access

class-map type inspect match-all ccp-invalid-src

match access-group 100

class-map type inspect match-any ccp-sip-inspect

match protocol sip

class-map type inspect match-all ccp-protocol-http

match protocol http

!

!

policy-map type inspect ccp-permit-icmpreply

class type inspect sdm-cls-bootps

  pass

class type inspect ccp-icmp-access

  inspect

class class-default

  pass

policy-map type inspect ccp-inspect

class type inspect ccp-invalid-src

  drop log

class type inspect ccp-protocol-http

  inspect

class type inspect ccp-insp-traffic

  inspect

class type inspect ccp-sip-inspect

  inspect

class type inspect ccp-h323-inspect

  inspect

class type inspect ccp-h323annexe-inspect

  inspect

class type inspect ccp-h225ras-inspect

  inspect

class type inspect ccp-h323nxg-inspect

  inspect

class type inspect ccp-skinny-inspect

  inspect

policy-map type inspect ccp-permit

class type inspect sdm-access

  inspect

class type inspect SDM_DHCP_CLIENT_PT

  pass

class class-default

  drop

!

zone security out-zone

zone security in-zone

zone-pair security ccp-zp-self-out source self destination out-zone

service-policy type inspect ccp-permit-icmpreply

zone-pair security ccp-zp-in-out source in-zone destination out-zone

service-policy type inspect ccp-inspect

zone-pair security ccp-zp-out-self source out-zone destination self

service-policy type inspect ccp-permit

!

!

!

!

!

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

description $ES_WAN$$FW_OUTSIDE$

ip address dhcp client-id FastEthernet4

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat outside

ip virtual-reassembly

zone-member security out-zone

duplex auto

speed auto

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$

ip address 192.168.0.10 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat inside

ip virtual-reassembly

zone-member security in-zone

ip tcp adjust-mss 1452

!

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 1 interface FastEthernet4 overload

ip nat inside source static tcp 192.168.0.1 3389 interface FastEthernet4 3389

!

ip access-list extended RDP

remark CCP_ACL Category=1

permit object-group RDP any host 192.168.0.1

ip access-list extended REMOTE_DESKTOP

remark CCP_ACL Category=1

permit object-group REMOTE_DESKTOP any host 192.168.0.1

ip access-list extended SDM_BOOTPC

remark CCP_ACL Category=0

permit udp any any eq bootpc

ip access-list extended SDM_HTTPS

remark CCP_ACL Category=1

permit tcp any any eq 443

ip access-list extended SDM_SHELL

remark CCP_ACL Category=1

permit tcp any any eq cmd

ip access-list extended SDM_SSH

remark CCP_ACL Category=1

permit tcp any any eq 22

!

logging trap debugging

access-list 1 remark INSIDE_IF=Vlan1

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 192.168.0.0 0.0.0.255

access-list 100 remark CCP_ACL Category=128

access-list 100 permit ip host 255.255.255.255 any

access-list 100 permit ip 127.0.0.0 0.255.255.255 any

access-list 101 remark CCP_ACL Category=128

access-list 101 permit ip any any

no cdp run

!

control-plane

!

banner exec ^C

% Password expiration warning.

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device

and it provides the default username "cisco" for  one-time use. If you have

already used the username "cisco" to login to the router and your IOS image

supports the "one-time" user option, then this username has already expired.

You will not be able to login to the router with this username after you exit

this session.

It is strongly suggested that you create a new username with a privilege level

of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you

want to use.

-----------------------------------------------------------------------

^C

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login local

no modem enable

transport output telnet

line aux 0

login local

transport output telnet

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

scheduler allocate 4000 1000

scheduler interval 500

end