Cisco ASA Configurations for Newbies : Enabling Remote Desktop / Terminal Services

One of the things I needed to do at work was to give myself remote desktop capability to a terminal server on my networks for off-site administration.

To do this, I logged into my ASA 5505 and used the following commands:

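! Permit ICMP (ping) from any source to any destination
access-list acl_out permit icmp any any
! Permit TCP 3389 (RDP) from any source to the outside interface address
access-list acl_out permit tcp any interface outside eq 3389
! PAT outbound traffic for NAT ID 1 to the outside interface address
global (outside) 1 interface
! Forward TCP 3389 on the outside interface to the terminal server on the inside
static (inside,outside) tcp interface 3389 Terminal-Server-IP 3389 netmask 255.255.255.255 0 0
! Apply acl_out to inbound traffic on the outside interface
access-group acl_out in interface outside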

On one of my devices, I couldn’t figure out why it wasn’t working, but it turned out that I had forgotten the last command which enables the access-list on the outside interface.

One important note here is that you should make sure the name “acl_out” is appropriate for your configuration. If you’re not sure, you can use “show access-list” to figure it out. Also, make sure you replace “Terminal-Server-IP” with the internal IP address of your server.

Oh, and this isn’t exclusive to Remote Desktop either… you can replace 3389 with any port needed (e.g. 80 for web or 110 for POP).
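
Added example (not part of the original post): a small Python check that reads ASA configuration lines in the syntax shown above and reports, for each static port forward, whether a matching access-list entry exists, whether that access-list is actually applied with access-group (the step that was forgotten above), and whether the entry permits any source address. The sample config is constructed, 192.0.2.10 stands in for Terminal-Server-IP, and the check assumes ports are written as numbers.

```python
import re

# Constructed sample: the commands from this page with the access-group line left out.
SAMPLE_CONFIG = """\
access-list acl_out permit icmp any any
access-list acl_out permit tcp any interface outside eq 3389
global (outside) 1 interface
static (inside,outside) tcp interface 3389 192.0.2.10 3389 netmask 255.255.255.255 0 0
"""

STATIC_RE = re.compile(r"^static \((\S+),(\S+)\) (tcp|udp) interface (\S+) (\S+) (\S+)")
ACL_RE = re.compile(
    r"^access-list (\S+) permit (tcp|udp) (any|host \S+|\S+ \S+) interface (\S+) eq (\S+)")
GROUP_RE = re.compile(r"^access-group (\S+) in interface (\S+)")


def audit(config):
    """Return a list of findings for every static port forward in the config."""
    lines = [ln.strip() for ln in config.splitlines()]
    acls = [m.groups() for ln in lines if (m := ACL_RE.match(ln))]
    bound = {m.groups() for ln in lines if (m := GROUP_RE.match(ln))}
    findings = []
    for ln in lines:
        m = STATIC_RE.match(ln)
        if not m:
            continue
        _real_if, mapped_if, proto, port, _real_ip, _real_port = m.groups()
        # ACL entries that permit this protocol/port on the mapped interface
        matching = [a for a in acls
                    if a[1] == proto and a[3] == mapped_if and a[4] == port]
        if not matching:
            findings.append(f"{proto}/{port}: no access-list entry permits it")
        for name, _, src, _, _ in matching:
            if (name, mapped_if) not in bound:
                findings.append(
                    f"{proto}/{port}: {name} is not applied with access-group on {mapped_if}")
            if src == "any":
                findings.append(f"{proto}/{port}: {name} permits any source address")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```
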

2 Responses to “Cisco ASA Configurations for Newbies : Enabling Remote Desktop / Terminal Services”

  1. On April 27th, 2009 at 2:02 AM tshabbir wrote:

    That's great.

    This is a fine way to share configs. I was wondering on forums for search, but you put it on your site in a very simplified method.

    I am looking forward to more configs of ASA. I have an ASA 5520.

    I am unable to do trunking. Can you help me?

  2. On May 9th, 2009 at 2:29 PM Aaron Hall wrote:

    In order to enable trunking on your ASA, it must be licensed to allow it. Usually that means you need the Security Plus license bundle.