Since I am still in the learning phase of checkpoint I do not know what secureXL is.. and I see see it’s being hit.. if I do a wire shark capture on the terminal server then nothing arrives at it unless it’s local traffic.. so for some reason my GW isn’t forwarding the traffic..

btw what is fw monitor?

This would be good place to check on it if you are not familiar, but in essence, its supposed to accelerate the traffic:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

In some cases, it could cause traffic issues, so one way to confirm, would be if you run fwaccel off on the gateways and then test again, no need to push the policy. To turn it back on, just run fwaccel on

Turning off SecureXL didnt make a difference 😞

 Ok, try this...fe ctl zdebug + drop | grep 3389

Message me privately, lets do remote later on.

THANK YOU!!!
Ill fire off the command NOW

And i've also sent you a private message

Hi Wolfgang.
about the retur packet.. would you care to show me an example by using the attached picture i had in the original topic?
I should have nat return though, but i could have made a mistake..
My terminalserver can access the internet perfectly.. and its hidden behind nat

The shown picture is only a rule for NAT. You have to configure a rule in the network layer to allow the traffic from external to your destination hosts.

I've attached photos here..
the firewall accept's the traffic, but it just doesnt go any further.

if i do a wiresharp capture on the terminal server, no traffic arrives..
but if i try to connect from an internal server to the terminal server, traffic arrives and can be seen on the wireshark capture.