[gfgkemp]

Hi, I’m having a problem NATing Remote Desktop through to custom ports. We have an IP390 with R62 at a remote location which is protecting a customer system. To manage the servers in the system we need to be able to connect with Microsoft Remote Desktop.

However, for security and because of a lack of available external public IP addresses at the remote location we want allow RDP access to multiple servers using one public IP address and multiple custom ports.

For example 100.0.0.1:8000 NATs to port 3389 on server A and 100.0.0.1:8001 NATs to port 3389 on server B.

I have two NAT rules setup for each server, one allows the initial connection and the other is the return rule as in the attached image but with a different custom port for each machine.

When this was first implemented connecting to the remote public IP and custom port worked and traffic could be seen in the logs. However, for some unknown reason the connection seems to have hung, no new connections could be made and the log on the firewall stopped reporting any of the expected entries and I don't even get any dropped packets being reported.

Has anyone come across this before or do I have a problem with the NAT rules?

Thanks

Graham