RDP access to multiple computers using SDM

  • RDP access to multiple computers using SDM

    Hello,

    I am experiencing a problem configuring my Cisco router through SDM.

    Hardware:
    Cisco 1811
    IOS: 12.4(6)T
    SDM: 2.5

    I would like to access multiple computers on the network using an RDP client, by establishing port forwarding. Somewhere on this forum I believe I saw a recommendation to accomplish this through NAT. Here's the scenario that I wish to accomplish:
    a) x.x.x.x:3000 forwarded to 192.168.1.4:3389
    b) x.x.x.x:3001 forwarded to 192.168.1.5:3389

    I am attaching two JPGs. Scenario in JPG1 works. Scenario in JPG2 doesn't. I am curious as to what I am doing wrong. FYI I am setting up the rules for both TCP and UDP. Also, in JPG2, I tried both scenarios in flipping port numbers between Original and Translated, and it still didn't work.

    Any help with this would be greatly appreciated,

    -rg

  • #2
    Re: RDP access to multiple computers using SDM

    The "original" port is the port the inside host is listening on. The translated port is how it is seen from the outside. You have both translated ports the same, which from what I can tell point to the same public IP address. This is an ambiguous NAT rule, which means you can't have multiple NAT rules for the same public IP address with the same translated port. What you could do is change the translated port on each rule to be different (3389 and 3390 etc.) and then port forward to the internal hosts on 3389.
    Last edited by auglan; 11th October 2012, 18:39.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)
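
The ambiguity described in the reply above can be checked mechanically. This is an added example, not part of the original thread: it assumes the SDM rules end up in the running config as IOS `ip nat inside source static` lines, and the sample config and the address 203.0.113.10 are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample config (not from the thread); 203.0.113.10 is a
# documentation address standing in for the single public IP.
SAMPLE_CONFIG = """\
ip nat inside source static tcp 192.168.1.4 3389 203.0.113.10 3389
ip nat inside source static tcp 192.168.1.5 3389 203.0.113.10 3389
ip nat inside source static tcp 192.168.1.4 3389 203.0.113.10 3000
ip nat inside source static tcp 192.168.1.5 3389 203.0.113.10 3001
ip nat inside source static udp 192.168.1.4 3389 203.0.113.10 3000
"""

RULE = re.compile(
    r"^\s*ip nat inside source static (tcp|udp) "
    r"(\S+) (\d+) "               # inside host and its "original" port
    r"(interface \S+|\S+) (\d+)"  # outside address/interface, "translated" port
)

def parse_rules(config):
    """Return (proto, outside_addr, outside_port, inside_ip, inside_port) tuples."""
    rules = []
    for line in config.splitlines():
        m = RULE.match(line)
        if m:
            proto, in_ip, in_port, out_addr, out_port = m.groups()
            rules.append((proto, out_addr, int(out_port), in_ip, int(in_port)))
    return rules

def find_ambiguous(rules):
    """Map each outside (proto, addr, port) claimed by more than one inside target."""
    by_outside = defaultdict(set)
    for proto, out_addr, out_port, in_ip, in_port in rules:
        by_outside[(proto, out_addr, out_port)].add((in_ip, in_port))
    return {k: sorted(v) for k, v in by_outside.items() if len(v) > 1}

if __name__ == "__main__":
    conflicts = find_ambiguous(parse_rules(SAMPLE_CONFIG))
    for (proto, addr, port), targets in conflicts.items():
        print(f"ambiguous: {proto} {addr}:{port} -> {targets}")
```

Only the two rules that share TCP port 3389 on the outside address are reported; the 3000/3001 pair from the original question maps each outside port to exactly one inside host.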



    • #3
      Re: RDP access to multiple computers using SDM

      Hi Auglan,

      Thank you for your response and your attempt to help me out with this.

      I understand what you are suggesting, and I believe that I initially tried that. I attached Scenario 1 to show that when I do it that way, it works fine, but when I try with Scenario 2 it doesn't connect me through.

      For example, the machine that I want to connect to is 192.168.1.4 and internally it will listen to port 3389 which is RDP. Externally, since I have 1 public IP, I will connect to it through port 3001. So, when I setup original port to 3389 and translated port to 3001 (as how I believe you suggested), it is not letting me connect.

      So my questions are: 1) did I understand your advice correctly? 2) do I have to perform any other configuration (for example on the firewall screen) to make it happen?



      • #4
        Re: RDP access to multiple computers using SDM

        Do you have an ACL applied to the outside interface coming inbound? Are you using CBAC or Zone Based Firewall? Could be a filtering issue.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)



        • #5
          Re: RDP access to multiple computers using SDM

          Thank you Auglan.

          I am going to research this and post it back here.

          rg



          • #6
            Re: RDP access to multiple computers using SDM

            Did you get this working for you? I'm currently doing this on an ASA 5505 and accessing 2 different machines via 1 public IP. One of my machines listens on 3389 and the other on 3390. I changed the public port to something high on the port range. There is a thread on the same subject that I started and received help from Auglan. I can't post a link because I don't have 5 posts. If you search you can find it but you're on the right track.
