Sophos XG330 outgoing RDP

Hi

We are using an XG330 (SFOS 18.5.2 MR-2-Build380). We have created a rule that allows RDP (TCP: 1-65535 : 3389) to a dedicated server. But we are unable to open a connection by RDP, even if we set no port restriction to the host.

We have already tried disabling IDS and IPS, but it doesn't work; any other connection like HTTP or HTTPS in the same rule works fine, but RDP does not. It is always denied by the last rule of the firewall.

We also tried moving the rule to the top of the rule set, also: no effect. There are no additional web filter or security features enabled on that rule.

Is there anything else that has to be enabled or disabled for RDP to work?



  • Hello Joerg,

    did you configure MASQ for this outgoing interface? I mean, when going from a private IP to the public internet you have to masq the internal network behind your public IP.

  • Hello Philipp

    Yes, MASQ is enabled (that was the first 3 hours of troubleshooting why the internet access was not working :-) ); the other rules are working (also SSH connections to external servers), only RDP is not working.

    I have read here in the forum about the IDS rules, but they are all disabled for the firewall rule that "holds" the RDP rule; we have also disabled the feature on the firewall, but no effect.

    Here is a screenshot of the MASQ NAT rule:

    Here is a screenshot of the firewall rule:

    The other services of the rule are working.

    Here is the protocol view:

    and for rule #5:

    Maybe it helps.

  • Hi,

    the protocol report shows the packets are not hitting your NAT rule. Do you have a generic NAT (MASQ) rule or a specific one for each port?

    Ian

  • Hi Ian

    Yes, NAT MASQ is enabled (see the first screenshot of my answer to Philipp: ANY internal, ANY service to external WAN [DTAG & DGF are our internet service providers]); the other services of the rule are working, only RDP is not working and shows that kind of log entries.

  • Hi Ian

    Ah, now I have created a linked NAT MASQ rule for that firewall rule, and now it allows the traffic to outside. A bit confusing because of the last rule of the NAT that marks "any" outgoing traffic and services with NAT MASQ.
