Proper Port forward / Firewall Filter: RDP

ChTechCoord · 06-30-2009, 06:51 PM

I have been working on this, and researching the thread since installing UT about 3 weeks ago. I have not been able to allow RDP (3389) to pass through to the server.

The servers internal IP address is 1.3.
The UT internal IP: 1.1
Installed NAT for my public IP address.

Setup rule to allow 3389 to pass from external port to 1.3

I can remote the UT fine,.. but all attempts to RDP to the server fails. I added PROTOCOL to the Rack to filter trace things, but I don't see any port 3389 traffic - not being logged or blocked according to the event log.

I've followed the Troubleshooting guide, compared other settings, and still fail.

Looking for some suggestions. Thanks.

proactivens · 06-30-2009, 08:22 PM

please post your firewall and port forward rules as configured here.

mrunkel · 07-01-2009, 01:06 PM

also our wiki has some pretty great tips for troubleshooting NAT.

A plain vanilla UT needs very little to port forward:

1.) Create forward rule.
2.) use the settings that we've defaulted for new rules, put the port # in the destination port box, put the internal IP into the box at the bottom of the rule.
3.) Click save.

That's it.

The rule will not work from inside, only from outside, but that's all you need.

Make sure the server is using untangle as the default gateway.

m.

ChTechCoord · 07-01-2009, 02:16 PM

Thanks for the advice. Follow up:

Deleted and re-created the rule following mrunkel's suggestion, and am able to access RDP via external site now. I suppose I was trying to make it to complex.

Problem solved.

lbgaus · 07-02-2009, 09:10 AM

As far as the protocol control filter/logging goes, I had that problem myself and managed to fix it.

I'd recommend you add an entry to the protocol filter following the last post at http://forums.untangle.com/protocol-...ock-log-2.html

06-30-2009, 06:51 PM	#1 (permalink)
ChTechCoord Untanglit Join Date: Jun 2009 Posts: 14	Proper Port forward / Firewall Filter: RDP I have been working on this, and researching the thread since installing UT about 3 weeks ago. I have not been able to allow RDP (3389) to pass through to the server. The servers internal IP address is 1.3. The UT internal IP: 1.1 Installed NAT for my public IP address. Setup rule to allow 3389 to pass from external port to 1.3 I can remote the UT fine,.. but all attempts to RDP to the server fails. I added PROTOCOL to the Rack to filter trace things, but I don't see any port 3389 traffic - not being logged or blocked according to the event log. I've followed the Troubleshooting guide, compared other settings, and still fail. Looking for some suggestions. Thanks.

06-30-2009, 08:22 PM	#2 (permalink)
proactivens Master Untangler Join Date: Sep 2008 Location: Greensburg, Pa Posts: 988	please post your firewall and port forward rules as configured here. __________________ www.untangleappliances.com James Martin, MCSE, CCNA Skype me! Proactivens jmartin@untangleappliances.com

07-01-2009, 01:06 PM	#3 (permalink)
mrunkel Master Untangler Join Date: Jul 2008 Posts: 655	also our wiki has some pretty great tips for troubleshooting NAT. A plain vanilla UT needs very little to port forward: 1.) Create forward rule. 2.) use the settings that we've defaulted for new rules, put the port # in the destination port box, put the internal IP into the box at the bottom of the rule. 3.) Click save. That's it. The rule will not work from inside, only from outside, but that's all you need. Make sure the server is using untangle as the default gateway. m. __________________ m. Big Frickin Disclaimer: While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions. It often helps troubleshooting if you have a good network map. Look here if you want my advice on how to draw one.

07-01-2009, 02:16 PM	#4 (permalink)
ChTechCoord Untanglit Join Date: Jun 2009 Posts: 14	Thanks for the advice. Follow up: Deleted and re-created the rule following mrunkel's suggestion, and am able to access RDP via external site now. I suppose I was trying to make it to complex. Problem solved.

07-02-2009, 09:10 AM	#5 (permalink)
lbgaus Newbie Join Date: May 2009 Posts: 7	As far as the protocol control filter/logging goes, I had that problem myself and managed to fix it. I'd recommend you add an entry to the protocol filter following the last post at http://forums.untangle.com/protocol-...ock-log-2.html