Port Forwarding Good/Bad!

Hey guys, I am having an issue properly setting up RDP port forwarding. I am able to open the port, but when I try to connect remotely it doesn't work, while locally it works like a dream!

Am I missing something plainly obvious? :) I am also setting up a site-to-site VPN that is having the IPsec traffic drop :(

Be gentle, I am a newb lol. I also included some pictures of my config.

Thanks in advance, also I included the firewall rule killing my 3389 traffic

I checked to see if the port is open and it shows open to the internet.

2017:01:28-13:48:11 grazziani ulogd[4623]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="62001" initf="eth1" srcmac="00:01:5c:6a:d8:46" dstmac="84:16:f9:05:75:47" srcip="198.199.98.246" dstip="XXX.XXX.XXX.XXX" proto="6" length="60" tos="0x00" prec="0x00" ttl="53" srcport="59776" dstport="3389" tcpflags="SYN" 
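The line above is in the key="value" format that ulogd writes for the UTM packet filter. As an added example (not code from the original post or from Sophos), here is a small Python parser that reads such lines, tallies which action and fwrule handled packets to TCP port 3389, and lists the WAN-side sources that sent a SYN. The first sample line is the one from the post (its destination IP was already masked there); the second line, including its id, fwrule and action values, is constructed for illustration only.

```python
import re
from collections import Counter

# Two sample lines. The first is the ulogd line quoted in the post above; the
# second is constructed for illustration (its id/fwrule/action values are invented)
# so that a second action/rule pair shows up in the summary.
SAMPLE_LOG = """\
2017:01:28-13:48:11 grazziani ulogd[4623]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="62001" initf="eth1" srcmac="00:01:5c:6a:d8:46" dstmac="84:16:f9:05:75:47" srcip="198.199.98.246" dstip="XXX.XXX.XXX.XXX" proto="6" length="60" tos="0x00" prec="0x00" ttl="53" srcport="59776" dstport="3389" tcpflags="SYN"
2017:01:28-13:48:14 grazziani ulogd[4623]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="198.199.98.246" dstip="XXX.XXX.XXX.XXX" proto="6" length="60" srcport="59777" dstport="3389" tcpflags="SYN"
"""

# "timestamp host process[pid]:" followed by a run of key="value" pairs.
HEADER_RE = re.compile(r'^(?P<ts>\S+) (?P<host>\S+) (?P<proc>[^:]+): (?P<rest>.*)$')
KV_RE = re.compile(r'(\w+)="([^"]*)"')

def parse_line(line):
    """Return a dict of the line's fields, or None if it is not a packetfilter line."""
    m = HEADER_RE.match(line.strip())
    if not m:
        return None
    fields = dict(KV_RE.findall(m.group("rest")))
    if fields.get("sub") != "packetfilter":
        return None
    fields["timestamp"] = m.group("ts")
    fields["host"] = m.group("host")
    return fields

def parse_log(text):
    """Parse every line of a log excerpt, skipping anything that does not match."""
    return [f for f in (parse_line(l) for l in text.splitlines()) if f]

def summarize_port(entries, dstport, proto="6"):
    """Count (action, fwrule) pairs for packets to one destination port (TCP by default).
    Seeing the same port hit two different rules is the first thing to look for."""
    counts = Counter()
    for e in entries:
        if e.get("dstport") == str(dstport) and e.get("proto") == proto:
            counts[(e.get("action"), e.get("fwrule"))] += 1
    return counts

def inbound_syns(entries, dstport, wan_if="eth1"):
    """Sorted source IPs whose SYN to dstport arrived on the WAN interface. This confirms
    the traffic reaches the UTM at all, which is separate from whether it is forwarded."""
    return sorted({e["srcip"] for e in entries
                   if e.get("initf") == wan_if and e.get("dstport") == str(dstport)
                   and "SYN" in e.get("tcpflags", "")})

if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for (action, rule), n in summarize_port(entries, 3389).items():
        print(f"dstport 3389: action={action} fwrule={rule} count={n}")
    print("SYNs on WAN from:", inbound_syns(entries, 3389))
```

Feed it the output of the Firewall Live Log (or /var/log/packetfilter.log on the UTM) and compare the fwrule values against the rule list under 'Network Protection >> Firewall' with "All" selected, as Bob suggests later in the thread.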


  • Hi, and welcome to the UTM Community!

    Please Edit your original post, and insert your images into the post. We can't know if imgur is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum several years ago.  Thanks in advance!

    I obviously can't critique your config at the moment ;), but I would take a different approach.  I don't like opening ports to the world, so my recommendation would be to configure a Remote Access method and to use that instead of a DNAT.  I prefer the SSL VPN.

    If you want to figure out what's going wrong here, it's probably #3 or possibly #4 in Rulz.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I just updated my original posting with a picture included :)

    I was thinking of setting up an SSL VPN regardless, but I currently have a site-to-site VPN router that I want to allow into the network, and the traffic keeps getting dropped; it's an IPsec setup. I always see the connection being attempted on port 500, but the firewall kills it. :(

  • Thanks for the pic - I can see that #4 isn't violated, but how about #3 in Rulz for "Efraim Desktop?"

    Please start a thread in the VPN forum to ask about your site-to-site.

    Cheers - Bob
  • Here is my desktop; it doesn't look like it's violating #3?

  • If your desktop has the IP of "Internal (Address)" as its default gateway, then I think we can eliminate routing as the cause of the problem.

    In 'Network Protection >> Firewall', select "All" instead of "User-created firewall rules" at the top.  Edit the one related to your NAT rule and activate logging.  If the firewall is allowing forwarded packets to your desktop, then you have a problem in the desktop.

    Cheers - Bob
  • I am still stumped because, for whatever reason, it's still blocking RDP via the internet, but locally it works. I will set up an SSL VPN to be able to connect locally.

    I was able to allow my media server to be connected via the internet, so I have the proper config setup :)

    When I tried to connect via RDP using my public IP it fails, but when I check to see if the port is open it says the port's open.

  • Did you edit the automatically created rule in 'Firewall' so that you can see in the Firewall Live Log if the packet is going to your PC?

    I still think your description indicates that the PC does not have the UTM as its default gateway.  Try replacing the DNAT with a Full NAT that changes the Source to "Internal (Address)."  If that solves the problem, we've proven that the PC doesn't have the UTM as its default gateway.

    Cheers - Bob
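Bob's Full NAT test rests on where the desktop sends its reply. As an added illustration (not code from the thread, from Bob, or from Sophos), the Python model below builds a tiny longest-prefix routing table for the desktop and runs the inbound SYN through either a DNAT or a Full NAT rule. All addresses are assumed: the UTM's "Internal (Address)", the desktop, a second LAN router, and a placeholder public address; only the remote client IP is taken from the log line in the original post.

```python
from ipaddress import ip_address, ip_network

# Constructed topology (assumed, not taken from the thread).
UTM_INTERNAL = "192.168.1.1"      # the UTM's "Internal (Address)"
DESKTOP = "192.168.1.50"          # the RDP target
OTHER_ROUTER = "192.168.1.254"    # another router on the LAN the desktop might point at
REMOTE_CLIENT = "198.199.98.246"  # source IP from the post's log line
UTM_PUBLIC = "203.0.113.10"       # placeholder WAN address (RFC 5737 documentation range)

def next_hop(routes, dst):
    """Longest-prefix-match lookup. routes is a list of (network, gateway); the gateway
    'direct' means on-link. Returns the gateway string, or None if nothing matches."""
    d = ip_address(dst)
    best = None
    for net, gw in routes:
        n = ip_network(net)
        if d in n and (best is None or n.prefixlen > best[0].prefixlen):
            best = (n, gw)
    return best[1] if best else None

def desktop_routes(default_gw):
    """The desktop's table: its own subnet on-link, everything else via default_gw."""
    return [("192.168.1.0/24", "direct"), ("0.0.0.0/0", default_gw)]

def apply_inbound_nat(packet, mode):
    """Rewrite an inbound packet the way the UTM rule would.
    'dnat'    : change only the destination (what the original post used).
    'fullnat' : change the destination and replace the source with the UTM's internal address."""
    if mode == "dnat":
        return {**packet, "dst": DESKTOP}
    if mode == "fullnat":
        return {**packet, "dst": DESKTOP, "src": UTM_INTERNAL}
    raise ValueError(f"unknown NAT mode {mode!r}")

def reply_passes_utm(mode, desktop_default_gw):
    """True if the desktop's SYN-ACK travels back through the UTM, which the UTM's
    connection tracking needs in order to reverse the NAT and reach the remote client."""
    syn = {"src": REMOTE_CLIENT, "dst": UTM_PUBLIC, "dport": 3389}
    forwarded = apply_inbound_nat(syn, mode)
    reply_dst = forwarded["src"]          # the desktop answers whatever it saw as the source
    hop = next_hop(desktop_routes(desktop_default_gw), reply_dst)
    if hop == "direct":
        return reply_dst == UTM_INTERNAL  # an on-link reply only hits the UTM if it is the UTM
    return hop == UTM_INTERNAL

def diagnose():
    """The four combinations Bob's test distinguishes: NAT type x desktop default gateway."""
    return {(mode, gw): reply_passes_utm(mode, gw)
            for mode in ("dnat", "fullnat")
            for gw in (UTM_INTERNAL, OTHER_ROUTER)}

if __name__ == "__main__":
    for (mode, gw), ok in diagnose().items():
        print(f"{mode:8s} desktop gw={gw:14s} reply via UTM: {ok}")
```

The only combination that fails is DNAT with a desktop whose default gateway is not the UTM: the reply leaves by the other router, never passes the UTM's state table, and the remote client waits on a half-open connection. Full NAT succeeds in both gateway cases because the desktop sees the UTM's own LAN address as the peer, which is why a Full NAT that suddenly works is evidence of a wrong default gateway rather than of a firewall rule problem.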