RDP to Multiple Servers with a Cisco PIX/ASA Firewall
Nov17

KB ID 0000167. Problem. WARNING: Allowing RDP traffic from ‘any’ IP is a monumentally bad idea. ONLY allow RDP traffic from trusted hosts/networks, or better still, limit RDP to clients/locations that have their traffic protected by VPN. You want to connect via “Remote Desktop” to multiple servers behind your firewall. To do this you have three options. Note: This is an old article that refers to ‘pre...

Cisco Firewalls Changing the Web Management Port
Nov17

Cisco 5500 Changing the ASDM Port / Unable to Port Forward HTTPS. KB ID 0000268. Problem: You want to change the port that the Cisco ASDM runs over, or you are attempting to port forward https/ssl and see the following error:

ERROR: unable to reserve port 443 for static PAT
ERROR: unable to download policy

You are trying to port forward (create a static PAT entry) on a Cisco ASA for port 443 / https. This port is in use by the ASDM....

Allow access to VMware View through Cisco ASA 5500
Nov17

KB ID 0000545. Problem: To access VMware View through a firewall you need the following ports to be open: TCP Port 80 (http/www), TCP Port 443 (https/ssl), TCP Port 4172 (PCoIP), UDP Port 4172 (PCoIP). In the following example I’m using 192.168.1.100 as the internal IP address of the View Server, and the public IP address of the firewall is 123.123.123.123. Which solution you use depends on whether you are allowing access via a...

Cisco Firewall (ASA/PIX) – Granting Access to an FTP Server
Nov17

KB ID 0000772. Problem: If you have an FTP server, simply allowing the FTP traffic to it won’t work. FTP (in both active and passive mode) uses some random high ports that would normally be blocked on the firewall. So by actively inspecting FTP, the firewall will know what ports to open and close. Solution: How you ‘allow’ access to the FTP server will depend on whether you have a public IP address spare or not, if you only...

Cisco ASA – Port Forwarding To A Different Port
Nov17

Port Translation KB ID 0001087  Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. A very long time ago I wrote an article about how to port forward from a public IP address to multiple servers for RDP. Basically you would connect to the firewall using various different ports, and the firewall would change the port to the correct one for RDP (TCP port 3389, unless you changed it on the...
