Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Can't make any port mappings, please help [resolved] (Forum is my last resort)
  •  
Disgruntled_Admin

Messages: 2
Karma: 0
Send a private message to this user
For my network, I need to make several machines accessible by RDP from outside.

Please see the attached screenshot of my settings.

The first rule should map outside port 3389 to internal machine 192.168.1.69

The second one maps port 1900 to internal machine 192.168.1.100:3389 (it's RDP to another machine).

The third one is made for testing. It maps port 1005 to mail.com:80.

Well, NOTHING OF IT WORKS. ALthough, when I try to connect to the firewall host from INSIDE of my network to the ports 3389 of 1900, it works. It doesn't work from outside.

The third rule, made to work from inside, doesn't work from inside. When I do "telnet 192.168.1.99 1005", it shows an error. (192.168.1.99 is my firewall internal address).

How do I diagnose it? I'm searching for any solution or rather a way to diagnose the situation. Where should I look?

  • Attachment: kerio.PNG
    (Size: 99.66KB, Downloaded 579 times)

[Updated on: Sun, 17 May 2009 16:58]

  •  
RoadKingRick

Messages: 24
Karma: -1
Send a private message to this user
For the RDP from outside, try changing mapping your source to your external NIC instead of "any"

Make sure you are appending the ":1900" to the public IP when entering the IP address when RDP'ing from outside

This has been working great for me, and I RDP to a few different internal servers from outside.

Hope this does the trick
  •  
Disgruntled_Admin

Messages: 2
Karma: 0
Send a private message to this user
The problem was, for port mapping to work I have to make either of two:
1) the destination machine must have the firewall address as the default gateway
or
2) I must enable "source NAT" for this rule.

If I want to connect from outside to inside, I can choose either.

If I want to connect from inside to outside, the first one is impossible, so I need to make the second, that is, enable source NAT.

Here is what the Administrator's guide says regarding "outgoing" port mapping:
Quote:

Note: For proper functionality of port mapping, the locally hosted server must point to the WinRoute firewall as the default gateway. Port mapping will not function well unless this condition is met.
Previous Topic: Load Balancing
Next Topic: Open connections
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Oct 23 09:49:40 CEST 2017

Total time taken to generate the page: 0.00442 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.