RDP from external network

Question

I have tried Dnat to allow RDP access to internal network via XG 210 to no avail 
 I was going to use the business app template for non http policy to get remote access with port forwarding but it is no longer listed in the templates 
 Very frustrating when you follow the articles but they are either out of date or dont work as stated 
 
 I need to get RDP remote access to the internal server via the XG210 working first so then I can set up site to site ipsec vpn or ssl vpn via 2 remote sites with xg's 
 
 Need help 
 Thanks

sachingurung · Answer

Hi Nigel, 
 You need to forward the RDP traffic on port 3389 if the incoming port is configured as 1000 then, change the Destination Port to 3389(Default RDP port). Make sure modem forwards the incoming traffic to the firewall's interface. Take a packet capture on port 1000 and verify if the XG receives the traffic on the configured Port? Refer the KBA here to do a packet capture. 
 If you don't see any traffic on the configured port then you need to check the modem configurations. 
 Thanks

Aditya Patel · Answer

Hi Nigel, 
 You may need to check the issue by following the steps below. 
 Step 1: Check the Port you wish to use to connect the RDP to your internal server, by default if you did not mention the port it would follow TCP:3389 
 Note: 3389 is the default RDP port, I would advise you to use a custom port (to improve security) e.g as per the snapshot I have used to connect internal server using port 8763 and it will be DNAT with port 3389 as per the configuration of the Business policy 
 
 Step 2: Check the Firewall rule , it would need a DNAT rule Business Application Rule . 
 
 If configured Properly . 
 Test 3:Check in system Diagnostics > Packet Capture and Configure> BPF String ; port 3389 or port 8763 
 You should see the incoming traffic and Outgoing traffic . If there is no incoming traffic then you may need to check your ISP or your Gateway (if there is any). 
 Command on console > tcpdump 'port 3389 or port 8763 
 This would give an idea what may cause the issue.