Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Kerio control 8.2.1 not working with RDP port mapping (An issue trying to access PC under Kerio Control with RDP)
  •  
CristianoIera

Messages: 2
Karma: 0
Send a private message to this user
I'm a really experienced user of Kerio products since KWF 2.x.
With the "new" Linux appliance versions, I experienced a really bad issue trying to access some PC in a network protected with Kerio control using the RDP protocol.
This is verified in 2 different installations, one with ver 8.1.4 (virtual appliance on VMware) and the other one with ver 7.3.2 (physical appliance).
I tried literally EVERYTHING.
Please don't tell me how to do. I did such things thousands of times, in the same machines we have many other mappings perfectly working, and in another installation of KWF version 6.5 an identical rule is working perfectly. I already tried to change all of the anti spoofing and intrusion detection settings, I tried to change the exposed port, I also tried to use the "port 3389" definition instead of the "RDP" one, I tried to disable the protocol inspection and many other attempts. The only conclusion is that it's definitely not working.
Connecting to the same firewall using the VPN (LAN2LAN or PC2LAN)works fine. If the RDP passes on a NATted interface, it doesn't work, only in this appliance versions.
Please patch this as soon as possible because I cannot avoid using it, it's part of our customer's corporate policies.
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
Port mapping (for any protocol, including RDP) works and has always worked. There is nothing to patch.
I'm afraid that without sample of your traffic rules, no one would be able to help you.

Petr Dobry
Product Development Manager | Kerio
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
Dear Cristiano,

Like you I am also very experienced in Control and work from day one with the Linux version. Have also many installations running at customersites with appliances, VMWare or barebone PC's but no problems with RDP on his orginal port and alternative ports with port translations.

Like Petr said we need to see your rules to help you. Because this is not a bug of Control.

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
MoonChild

Messages: 5
Karma: 0
Send a private message to this user
did you allow rdp connection in system settings?
  •  
CristianoIera

Messages: 2
Karma: 0
Send a private message to this user
Dear Petr,
I'm sorry for my flame against the RDP & NAT issue on Control.
I was trying and trying any possible combination of settings to put it at work, but, as usual when something "misterious" happens in a tech environment, it was a really bad and misleading "multiple issue". There were 2 different issues in the 2 different cases I was testing; one was due to the presence of a dual homed network, and - simply - the gateway of the RDP host was configured on another gateway that was forwarding that connection to the Kerio control machine, but it really couldn't because they lay on the same internal network (that was not my fault, somebody else did it just to turn me crazy...).
The second case was even worst, because the internet provider was supposed to allow all of the ports to my customer's network, indeed it doesn't! In that case, since the 3389 port is already used by another RDP connection, I was trying to use a different port and then translate it to the 3389... nothing to do, until I realyzed it could be that problem and tried to get into the firewall with the classical 443 port, that actually works fine.
So, I'm really sorry, but when you try 2 different stuff and obtain the same result in 2 independent system, you stat thinking there's something wrong. I have been another victim of the "multiple issues" trouble.
Thanks again for your patience!
Previous Topic: KERIO VPN CLIENT NOT WORK
Next Topic: Firefox browser and Auto-detect proxy settings - dosn't work
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Aug 20 00:23:57 CEST 2017

Total time taken to generate the page: 0.00429 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.