Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 2232 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't log remotely via NAT

MohamedSobhy

hello 

after configure NAT role

 

i checked firewall live log and see this transaction 

NAT rule #2 TCP  
10.0.1.57 : 62362
196.218.167.4 : 3389
 
[SYN] len=52 ttl=128 tos=0x00 srcmac=40:a8:f0:5b:4c:1c dstmac=64:66:b3:01:19:e2

 but i can't login 



This thread was automatically locked due to age.
  • 0

    (Looks like) source and destination is in the same subnet, so you don't need DNAT. Otherwise the destination see that the source is in its own subnet, and sends the answer back to the source directly without passing the UTM. The source doesn't know about this connection and will ignore/block it.

    Also you need not do DNAT the service when its the same as the incoming service.

     

    Jas Man

  • 0

    Hi, Mohamed, and welcome to the UTM Community!

    First, see #5 in Rulz.

    Jas man is right, the problem is the DNAT as that only works for traffic coming in from the Internet.  You want Accessing Internal or DMZ Webserver from Internal Network.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML