Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Bazz_Tars
Explorer

NAT

Hello

Would like to know if the below is workable  NAT solution

Client wants to use either the 3600 or 6200 as a firewall in his rack at a co-located DC

The solution he wants as following:

Internet users to RDP to the virtual servers ( consolidated his HW as more cost affective )

So..

RDP to Public IP on the WAN port then NAT through to the servers - based on a unique Destination RDP port
assigned on the RDP client - that would match the listening port of the server

Maybe  use another Public IP for management only 

thank you

 

 

 

 

0 Kudos
2 Replies
Timothy_Hall
Champion
Champion

Yes this kind of configuration is known as port forwarding.  You will need to create a manual NAT rule something like this:

Origsrc=Any

OrigDest=NAT address

OrgService=80

Xlatesrc=Original

XlateDST=WebServer

XlateService=CustomServicePort (or just "Original" if you want to leave it at 80)

Also note if you are "plucking" the NAT address from the "dirty" segment between the firewall's external interface and Internet perimeter router, because you are employing manual NAT you'll need to configure proxy ARP for the NAT address, see sk30197.

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com
Baasanjargal_Ts
Advisor

Hello Bazz.

It can work with the manual NATs. You need just one PUBLIC IP address. And forward traffic to the virtual servers by accessing port.

1. Add manual NATs

2. Add incoming accept rule to the RDP_Public address with just using its original custom service port.

link4.png

 

0 Kudos