RDP to Server with the XG WAN having a private IP

My setup at the moment is:

ISP 210.250.200.10 => Router 192.168.1.1  => XG WAN interface 192.168.1.55  => DMZ Server 192.168.206.10.

I would like to RDP to my server in the DMZ from the internet. The problem I am having is that my XG is not directly connected to the public IP; instead it is getting its WAN IP address from a private IP address given by the router. There is no way round this setup.

How can I configure the XG to allow me to RDP into the server?

Any help will be greatly appreciated.



This thread was automatically locked due to age.
  • Hello Davox,

    Thank you for contacting the Sophos Community!

    You would need to open the RDP Port on your upstream server, basically do a DNAT, and then do the same on the XG.

    In the XG you can create the DNAT rule using the Server Access Assistant (DNAT); however, first you will need to create the RDP service.

    Go to System >> Hosts and Services >> Services >> Add 

    Name = RDP_3389

    Type = TCP/UDP

    Protocol = TCP 

    Source Port = 1:65535

    Destination Port = 3389

    Once it is saved go to Rules and policies >> NAT rules >> Add NAT Rule >> Server Access Assistant (DNAT)

    Internal IP = 192.168.206.10

    Public IP address = #PortX = 192.168.1.55

    Services = RDP_3389 (the one created)

    External Source = Any

    To confirm if the XG is receiving the communication from your upstream router, you can do a tcpdump on the XG by using the Advanced Shell (5>3)

    # tcpdump -eni Port2 port 3389

    Regards,
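
Added example, not part of the original replies and not Sophos code: a Python helper that reads the output of the tcpdump check above and reports at which hop of the double NAT the RDP connection stops. The sample capture, the client address 203.0.113.7 and the MAC addresses are constructed, and the function and verdict names are hypothetical.

```python
import re

# IPv4/TCP portion of a line printed by `tcpdump -eni <iface> port 3389`.
LINE_RE = re.compile(
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Hypothetical verdict names, each with the next thing to check.
HINTS = {
    "NO_SYN": "Nothing reaches the XG: check the port forward on the upstream router.",
    "SYN_ONLY": "XG sees SYNs but nothing answers: check the XG DNAT/firewall rule and the server.",
    "RESET": "Something behind the WAN IP refuses the connection: check the RDP listener.",
    "HANDSHAKE": "SYN and SYN-ACK seen: both NAT hops forward the traffic.",
}

def diagnose(capture: str, wan_ip: str, port: int = 3389) -> str:
    """Return a HINTS key describing where the inbound connection stops."""
    syn_in = synack_out = rst_out = False
    for line in capture.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # banner lines, ARP, anything that is not IPv4/TCP
        flags = m["flags"]
        to_wan = m["dst"] == wan_ip and int(m["dport"]) == port
        from_wan = m["src"] == wan_ip and int(m["sport"]) == port
        if to_wan and flags == "S":
            syn_in = True        # client SYN arrived on the WAN interface
        elif from_wan and flags == "S.":
            synack_out = True    # server's SYN-ACK left after reverse NAT
        elif from_wan and "R" in flags:
            rst_out = True       # RST or RST-ACK sent back to the client
    if not syn_in:
        return "NO_SYN"
    if synack_out:
        return "HANDSHAKE"
    return "RESET" if rst_out else "SYN_ONLY"

# Constructed sample: the client retransmits its SYN and never gets a reply.
SAMPLE_SYN_ONLY = """\
12:01:02.100000 aa:aa:aa:aa:aa:01 > bb:bb:bb:bb:bb:02, ethertype IPv4 (0x0800), length 66: 203.0.113.7.51514 > 192.168.1.55.3389: Flags [S], seq 1000, win 64240, length 0
12:01:03.100000 aa:aa:aa:aa:aa:01 > bb:bb:bb:bb:bb:02, ethertype IPv4 (0x0800), length 66: 203.0.113.7.51514 > 192.168.1.55.3389: Flags [S], seq 1000, win 64240, length 0
"""

if __name__ == "__main__":
    verdict = diagnose(SAMPLE_SYN_ONLY, "192.168.1.55")
    print(verdict, "-", HINTS[verdict])
```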

  • Thanks. The XG configuration I am fine with. On the wifi router, assuming my ISP address is 205.25.200.10.

    What will the rule on the router be to allow the translation to the XG?

    On my router I did the following. Is that correct?

    205.25.200.10 port 3389 TCP

    to 

    192.168.1.55 port 3389 TCP

  • Hello Davox,

    Thank you for the follow-up.

    Yes, that should be fine. 

    Regards,

  • I am still not able to RDP

  • Hello Davox1,

    Did you confirm if the XG is receiving the communication from your upstream device by doing the tcpdump?

    Regards,