
Multiple Remote desktop web connection sessions through a watch guard


dlima

IS-IT--Management
Feb 14, 2005
13
US
Multiple Remote desktop web connection sessions through a watch guard firebox III 1000

I am running Remote desktop web connection through a watch guard firebox III 1000.

I can get to any internal PC on my LAN by setting up a filtered service using port 3389, and then NAT from my external IP 64.xxx.xxx.137 (to) -> my internal IP 192.xxx.xxx.xxx.

It works great.

However, the problem I am having is that if I set up additional filtered services to another internal IP address, I can only get to one internal PC.

I need to gain remote desktop web connection to about 10 different PCs on my LAN.

In responding please note that I am using REMOTE DESKTOP WEB CONNECTION NOT REMOTE DESKTOP.

The difference is that to start a remote session you type the address into your browser. Ex.

Whereas remote desktop is started by going to all programs->accessories->communication->remote desktop.
 
you will need to set up a nat policy for all of the hosts that you wish to connect to.

to do this you will need to have all the pc's in a single range of ip e.g. 192.xxx.xxx.10-20

then set up a NAT rule that nats to all 10 hosts from the single external ip address....setup--nat--advanced-- 1-1 nat enter in 10 for the number of hosts and enter in the first IP in the range of computers.

you will also need to update your rule to allow traffic to all of the additional IP addresses

let me know

coladmin

 
In my firebox system manager I go to Tools -> Policy Manager

1) I am adding a new service under the User Filters with the following attributes:
Port 3389, Incoming from any to 192.168.0.4 - 192.168.0.10

2) Then I am going to Setup -> NAT
On the NAT setup page where I am Enabling Dynamic NAT with
Entries 192.168.0.4 - 192.168.0.10

3) Under the Advanced setting: On the tab [1-to-1 NAT Setup] placing a check in the Enable 1-to-1 NAT box.

4) Clicking on the Add button I am choosing the following:
Interface: external
Number of hosts to NAT: 10
NAT base: 64.xxx.xxx.xxx (This is my external/public IP address)
Real base: 192.168.0.4 (This is the start of my private range that I need to get to.)

When I click OK I get the following error message from Policy Manager
‘1-to-1 NAT policy can not include the External, Optional, or Trusted IP address of the firebox’


I have tried changing the NAT base to 192.168.0.4 while making the Real base 192.168.0.10

What’s wrong? Am I close? Way off?

By the way I appreciate your help. I work for a not for profit agency so budget is tight.

Thanks again

David
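
The 1-to-1 NAT entry discussed above, worked through as an added example (not part of the thread and not WatchGuard's code): it pairs NAT base + i with real base + i for the stated number of hosts, then applies the rule quoted in the error message plus an overlap check. The 203.0.113.x addresses, the trusted-interface address 192.168.0.1, the "spare public range" and the function names are constructed assumptions, since the thread masks the real values.

```python
import ipaddress

# Constructed stand-ins: the thread masks the real addresses.
FIREBOX_IPS = {
    "external": "203.0.113.137",  # stands in for 64.xxx.xxx.137
    "trusted": "192.168.0.1",     # assumed trusted-interface address
}

def one_to_one_map(nat_base, real_base, hosts):
    """Pair NAT base + i with real base + i for i in 0..hosts-1."""
    nat = ipaddress.ip_address(nat_base)
    real = ipaddress.ip_address(real_base)
    return [(str(nat + i), str(real + i)) for i in range(hosts)]

def check_entry(nat_base, real_base, hosts, firebox_ips=FIREBOX_IPS):
    """Return a list of problems with a proposed 1-to-1 NAT entry."""
    mapping = one_to_one_map(nat_base, real_base, hosts)
    own = {ip: name for name, ip in firebox_ips.items()}
    problems = []
    # Rule from the quoted error: no firewall interface address in the entry.
    for pair in mapping:
        for addr in pair:
            if addr in own:
                problems.append(f"{addr} is the firewall's {own[addr]} address")
    # Extra sanity check (added here): an address cannot sit on both sides.
    nat_side = {n for n, _ in mapping}
    both = [r for _, r in mapping if r in nat_side]
    problems += [f"{addr} is on both sides of the mapping" for addr in both]
    return problems

if __name__ == "__main__":
    attempts = {
        "NAT base = firewall external IP": ("203.0.113.137", "192.168.0.4"),
        "NAT base = 192.168.0.4, real base = 192.168.0.10": ("192.168.0.4", "192.168.0.10"),
        "NAT base = spare public range (hypothetical)": ("203.0.113.138", "192.168.0.4"),
    }
    for label, (nat_base, real_base) in attempts.items():
        print(label)
        for nat, real in one_to_one_map(nat_base, real_base, 10)[:2]:
            print(f"  {nat} <-> {real}")
        for p in check_entry(nat_base, real_base, 10) or ["no conflicts found"]:
            print(f"  {p}")
```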

 