NAT RULE TO SETUP RDP FROM WAN TO INTERNAL SERVER VERSION 18

Hi itguy381,

Thank you for reaching you to the community!

Please follow this KBA for more info: Sophos XG Firewall: How to DNAT / Port Forward to an internal server.

Thanks,

Hi itguy381,

Thank you for reaching you to the community!

Please follow this KBA for more info: Sophos XG Firewall: How to DNAT / Port Forward to an internal server.

Thanks,

Thank you for sending me the link. I tried using the PAT scenario as detailed in the video. This required

1. Creating a firewall rule

2. Creating a NAT rule  and then specified the port it should translate to.

However i am unable to RDP looking from the log viewer.

Hi itguy318,

Is there a specific reason for using HTTPS service as the original service? 

I would advise you to change the source port to some port that is not used within any other DNAT rule or local services like the user portal.

Thanks,

Hi Patel,

Thanks for the reply. In my case i am trying RDP to an on-prem server using PAT rules and you have advised me to rethink about HTTPS service. What i would like to do as well is use the WAF funtionality. So any request going to the public IP of the XG would get applied a DNAT rule and go to the internal webserver. Would i have to use a HTTP incoming request on the XG, and then get it translated to HTTPS to the web server. I am struggling with the WAF/DNAT functionality in V18. Sorry for this.

As you use RDP, your Service should be RDP in NAT and leave original.

This will NAT the Traffic and it should work. 

Still my concerns, you should not open RDP for public, no matter which IP you are using. 
VPN should be used. 

Thank you Lucar. This is a test environment . We use VPN and then initiate RDP connections to internal LAN clients. My tests were based on replacing my WAF rules and i experimented with RDP as well. I will try your suggestion and get back