Iptables and Microsoft Terminal Services

[baileyscrossroads]

All,
I have a cable modem plugged into my RedHat 7.2 Linux box which has 2 NICs. The 2nd NIC runs to a hub, and I have my Windows 2000 Server plugged into one of the ports in my hub. I can access the 2000 box from the Linux box and vice versa fine.

My question is this. I can forward http traffic from the Internet to the 2000 box fine. I also can execute asp scripts running on my Web Server on the 2000 box.

But, when I pull up the MS Terminal Services webpage client (you can access a webpage running on the server, type in the ip address of my computer, and then login through MS Terminal Services) the webpage comes up, and I can type in the ip for my computer (the internal ip) and it tries to connect for about 20-30 secs and then I get an error msg that there was a problem connecting to the server.

I would think its the 2000 box, but I plugged a laptop into my hub, and I could connect to the server fine. Its just connecting from the internet where it wont connect. And the only difference is that from the internet the traffic passes through my linux box and gets forwarded to the 2000 server. Anyone have any hints???

p.s. I can connect using the Terminal Services client that installs on the client computer. Its just the webpage client that does not work...

 

[d3funct]

Maybe it's one of your 'stateful' definitions that says the connection has to be generated from the internal network, or pre-established. If iptables is going to be effective it will not allow new connections to be established from a machine outside the firewall. This is a rule in iptables (probably) that you can change, but I don't know which rule it would be.
Hope this helps you get closer to a solution.
An infinite number of monkey typing at an infinite number of keyboards will eventually populate the internet.