Monday, October 13, 2008

Configure RDP Port Forwarding on a Cisco ASA 5505

Share/Save/Bookmark




Cisco ASA5505
For those of you searching the Internet to try and find a good or simple example of how port forwarding is done on a Cisco ASA 5500 series firewall (in this example, it is a Cisco ASA 5505 version 7.2) This post contains a working example of a port forwarding configuration on a Cisco ASA 5505 that's allowing RDP, TCP port 3389, through the firewall to from the Internet to the LAN side to a server. For new users to the ASA, how to configure a port forwarding rule on a Cisco ASA 5505 can be a more easily accomplished if the working configuration of a working ASA5505 is viewed. For many of the more seasoned users of the Cisco security appliance, port forwarding is very easy and need not be searching for answers.

Since the RDP protocol and the services running on windows XP and Vista client machines are derivatives of Microsoft's Terminal Server, the proceedure for setting up a port forward configuration for Microsoft terminal server is the same. The Cisco ASA5505 is not concerned what you are connecting to behind it, it's just concerned that its own configuration allows the right data and connection to go through.

Below is a GUI shot of a working RDP (Terminal Server) port forward configuration running on a Cisco ASA 5500 series firewall. The TCP port number 3398 is forwarded from the outside interface that's part of VLAN2 to the inside interface that's part of the VLAN1.

!
interface Vlan1 nameif
inside security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2 nameif
outside security-level 0
ip address dhcp setroute

Using the example below, just swap out the ip addresses shown in the static NAT translation for port forwarding RDP (terminal Server) with your own and you have a connection from the Internet to the LAN.






If you prefer command line, it's three lines of code at the command line that will do a simple port forwarding for RDP on the Cisco ASA.

Here they are:

access-list outside_access_in extended permit tcp any interface outside eq 3389
static (inside,outside) tcp interface 3389 192.168.1.10 3389 netmask 255.255.255.255
access-group outside_access_in in interface outside

Obviously, if you are looking to use the lines of code shown in the example above, change the 192.168.1.10 ip address shown above to be the address of the computer or server your forwarding RDP (terminal server) port to connect to. You can essentially use this example for terminal server RDP or for any other forwarding requirement you may have like ftp, http,smtp, etc.


Link to this post:

http://remotesupportsoftware.blogspot.com/2008/10/configure-rdp-port-forwarding-on-cisco.html

Link to this blog:

http://remotesupportsoftware.blogspot.com


Posted by at 12 comments:
Labels: , , , , , ,

Thursday, May 15, 2008

Service Pack 3 Doesn't Install IE7

The fact that SP3 for XP doesn't install IE7 was a very good decision made by Microsoft. There are still too many applications that rely on IE7 and would break if installed with an update.


XPSP3 is just over 300 MB. This is a nice sized download and contains all previous hotfixes after SP2.





List of fixes:




Posted by at 2 comments:
Labels: , , , ,

Tuesday, May 13, 2008

Catastrophic Failure Message Display During Installation


Catastrophic failure for feature mini driver when installing, re-installing or removing the Fujitsu Windows scanning software.
If you get this message, while trying to install or remove the software from a desktop then open registry editor and do a search for the string windows scanning. Rename or remove the keys for these entries and especially the ones that have to do with the list of installed applications. The goal is to make Windows XP believe that this software is not already installed. Once this is complete then try installing the software again.
I had experienced this message while working with a fujitsu 5120 scanner. In windows, the scanner comes up as a fi-5120Cdj scanner and is popular with many medical manager applications.
Posted by at 1 comment:
Labels: , , , ,

HP Online Diagnostic - Memory




Posted by at 1 comment:
Labels: , , ,

Tuesday, May 06, 2008

Information Technology Support - Adventure (Rated PG): Computer Desktop and Server Management



Are you considering offering your customers a NOC type service for their desktops and servers. Want to monitor your customer's networ kand data infrustructure to provide more support and generate more revenue by knowing about problems before your customers do. Managed service can be provided by a software package known as Kaseya.
Posted by at 6 comments:
Labels: , , , , ,

Saturday, February 16, 2008

Supporting Technology with Technology.

Supporting Technology with Technology


Microsoft LiveMeeting has a new version and some great new features to go with it.

Sign-up for a demo:

LiveMeeting Demo

Read White Paper:

Conferencing and Collaboration White Paper
Posted by at 1 comment:

Monday, February 11, 2008

Computer Support - Adventure (Rated PG): Computer Remote Support Software

Computer Support - Adventure (Rated PG): Computer Remote Support Software
Posted by at No comments:

Microsoft Live Meeting - Easy Assist Tech Support



Microsoft LiveMeeting





Prior Post:
Computer Support - Adventure (Rated PG): Computer Remote Support Software


LiveMeeting Demo:

https://www.microsoft.com/en-us?ql=3

LiveMeeting Trial Download (registration form) :
https://www.microsoft.com/en-us?ql=3

LiveMeeting is more than a conferencing and collaboration application. Hidden inside is online software application is computer remote support software for computer remote support.

I have used Microsoft's professional service, ie. technical support, on more than one occasion. I use heir per incident feature and have had decent experiences most of the time. The tool that Microsoft's tech support almost alwys has used to get remote access of the server I was working on has been their own product. That product is Easy Assist. Although there was a time that their support person used Live Meeting.

Although I have been, as many of have, around Microsoft and their products for so many years, it was the first time I saw their Live Meeting product at all. I believed at the time it  was for conferencing and collaboration online only. That day however I saw that it's a viable remote support tool as well.

Microsoft's easy assist computer support tool is one which I am much more familiar with. It works very fast and unfortunately because I deal with so many computer problems, I know where to go and what to do before the Microsoft technical support rep even has a chance to tell me. That product is less in features than Live Meeting but then again. It was not intended to be a collaboration and conferencing tool, providing technical support remotely is it's primary goal and purpose. The features I saw in Live Meeting, a product that is under the Microsoft product category of Office Online, was unbelievable. The current release is still Live Meeting 2007 which very much signals how advanced the product was at the time. I suspect there have been some cosmetic changes and back-end server bug fixes, and updates, etc., but the functionality in my opinion for even remote support over the web needed no updating.


Desktop remote support can be accomplished with Microsoft's LiveMeeting. The attendees are in a session with the presenter can optionally allow access to their applications (1 or more) for viewing or for remote control. This is useful feature and built-in tool of LiveMeeting as for demoing feature of a program of for online training and guidance. Tech support can use this feature too as they can access the desktops of the remote computers to show users how to perform specific task within an application, correct configuration errors or even install/upgrade new software.

The benefits are far reaching and the benefits out-way any of the negatives which there was only one that I saw. Microsoft LiveMeeting needs to install using the windows installer which in itself is not that bad. Where is can be come complicated, especially in regards to presentations. is that if a remote computer has a problem with the windows installer service on their computer desktop then Livemeeting will not start. This problem is present for many online apps. One of the ways to circumvent it or to overcome the possibility of this occurring is to have another method for the software, in this case computer remote support software that is imperative that it downloads and connects, is to download and install. Many applications use activex to add features to the browser or to give online access to more features for the desktop to utilize for the duration for the duration of the time the connection persists.


Remote Support Software

For fast access to clients' remote desktops, computers and servers there no better choice than remote support software. Remote support software helps technical support departments, support groups and companies get to the problems faster by using the web rather than traditional means for access computers for support.

Remote support on the web


Remote support on the web for remote computer access and desktop remote control support.
Posted by at 4 comments:
Labels: , , , , , , ,

Wednesday, January 09, 2008

Hewlett Packard StorageWorks U320e (AH627A) Storage Controller and a Dell 2950 PowerEdge Server.

Hewlett Packard StorageWorks U320e (AH627A) Storage Controller and a Dell 2950 PowerEdge Server.


The Hewlett Packard StorageWorks U320e (AH627A) Storage Controller is not compatible with the Dell 2950 PowerEdge Server.

In a previous port I review software how software tools that give techs the ability to remotely access and remote control computers both on the LAN and the Internet, benefit both the organization the tech works for and the customer, client or user who is receiving the desktop support.
http://remotesupportsoftware.blogspot.com/2006/12/remote-support-softwarethere-are-many.html


This was an onsite customer support call:

In this post I want to tell the world (tech world) about a little problem with a Hewlett Packard StorageWorks U320e (AH627A) Storage Controller intended to be used with a tape autoloader In a Dell 2950. I hope everyone bookmarks this page and lets the world know about the compatibility problems of this card with the Dell 2950 Server.

The card simply does not work in the PowerEdge. It will work in a PowerEdge 2900 but not in the 2950 model (who knows why). HP finally confirmed the problem and they will be shipping me a new storage controller that will work with the 2950. The symptoms are the fans just operate at high speeds and do not reduce their speed and their is no video. There's no much you can do at this point. I updated the BIOS and every other thing that had an update for it from Dell's website for this service tag. It just would not work.

Now HP OEMs these cards and places their name on them. The manufacturer was unable to confirm that the Hewlett Packard StorageWorks U320e (AH627A) Storage Controller card would not work and Dell's support simply said the card is compatible and there's nothing wrong with the server. After speaking with HP support for several hours, it was determined that the Hewlett Packard StorageWorks U320e (AH627A) Storage Controller is not compatible with the Dell 2950 PowerEdge.

Link to this post:

http://remotesupportsoftware.blogspot.com/2008/01/hewlett-packard-storageworks-u320e.html
Posted by at No comments:
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)