|
|
Question : Set up Cisco piX 515E for terminal server
|
|
hello, I am trying to open the firewall port 80 and 3389 on the pix to allow external IP to access our terminal server. the following commands will work right ?? for any IP
static (inside,outside) 198.66.93.XX 172.16.1.XX netmask 255.255.255.255 access-list outside_in permit tcp any host 198.66.93.XX eq http access-list outside_in permit tcp any host 198.66.93.XX eq rdp access-group outside_in in interface outside
what if i just want a certain IP/mask to come in what would i need to replace any host with?
|
Answer : Set up Cisco piX 515E for terminal server
|
|
Yes, that will work to allow traffic from anyone If you want to allow only specific subnets, replace 'host' with the subnet access-list outside_in permit tcp 12.34.5.0 255.255.255.0 host 198.66.93.xx eq http
|
|
|
|