User Tools
sophos:dnat_rdp
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
sophos:dnat_rdp [2018/03/11 23:53] admin |
sophos:dnat_rdp [2018/03/11 23:59] (current) admin |
||
|---|---|---|---|
| Line 22: | Line 22: | ||
| - Click Firewall and click on +Add Firewall Rule and select Business Application Rule. | - Click Firewall and click on +Add Firewall Rule and select Business Application Rule. | ||
| - | - Select Application Template as DNAT/FULL NAT/Load Balancing. Using this policy, an administrator can define access rights of the protected server to users who require access over the WAN. Define other parameters as shown in the image below. | + | - Select Application Template as DNAT/FULL NAT/Load Balancing. Using this policy, an administrator can define access rights of the protected server to users who require access over the WAN. Define other parameters as shown in the image below. {{ :sophos:sophosxg_rdp2.png |}} {{ :sophos:sophosxg_rdp2_2.png |}} |
| - In the Source section, select the Source Zone and Allowed Client Networks to which the policy applies. We have set the Source Zone to WAN and the Allowed Client Networks to Any. | - In the Source section, select the Source Zone and Allowed Client Networks to which the policy applies. We have set the Source Zone to WAN and the Allowed Client Networks to Any. | ||
| - Specify the external interface or IP Address in the Destination & Service section under Destination Host/Network. | - Specify the external interface or IP Address in the Destination & Service section under Destination Host/Network. | ||
| - | - Define the service for RDP as shown below, in this case we are using the default port of 3389. | + | - Define the service for RDP as shown below, in this case we are using the default port of 3389. {{ :sophos:sophosxg_rdp3.png |}} |
| - Only forward specific ports to the protected server, if the protected server is running on a non-standard port, Port forwarding can be defined. In our example, we will forward the port 3389 (RDP). | - Only forward specific ports to the protected server, if the protected server is running on a non-standard port, Port forwarding can be defined. In our example, we will forward the port 3389 (RDP). | ||
| - In the Forward To section, configure port forwarding based on these settings: | - In the Forward To section, configure port forwarding based on these settings: | ||
| Line 33: | Line 33: | ||
| - In the Routing Section under Advanced, Enable Rewrite source address (Masquerading) and specify the NAT policy for Use Outbound Address. Traffic from this policy will pass according to the NAT Policy for all gateways. Here we used the default NAT policy MASQ. This NAT policy translates the private IP address of the source with the public IP address of the WAN interface. | - In the Routing Section under Advanced, Enable Rewrite source address (Masquerading) and specify the NAT policy for Use Outbound Address. Traffic from this policy will pass according to the NAT Policy for all gateways. Here we used the default NAT policy MASQ. This NAT policy translates the private IP address of the source with the public IP address of the WAN interface. | ||
| - Click Save to complete the settings. | - Click Save to complete the settings. | ||
| - | === Test Configuration === | + | ===== Test Configuration ===== |
| - | Use any remote desktop client, such as Remote Desktop (available on Windows) to verify the configuration. | + | - Use any remote desktop client, such as Remote Desktop (available on Windows) to verify the configuration. |
| - | On a Windows system, access the Run command box by pressing the Windows logo key +R. | + | - On a Windows system, access the Run command box by pressing the Windows logo key +R. |
| - | Type the command mstsc and click OK. | + | - Type the command mstsc and click OK. {{ :sophos:sophosxg_rdp4.png |}} |
| - | + | - In the Remote Desktop Connection window, enter the hosted address (in our example, 1.1.1.2) as shown in the image below. Click Connect. {{ :sophos:sophosxg_rdp5.png |}} | |
| - | In the Remote Desktop Connection window, enter the hosted address (in our example, 1.1.1.2) as shown in the image below. Click Connect. | + | - A Windows Security dialogue box prompts for credentials. This indicates that the connection to the internal server is successful. |
| - | + | - Enter the credentials to log in to the server. | |
| - | + | ||
| - | A Windows Security dialogue box prompts for credentials. This indicates that the connection to the internal server is successful. | + | |
| - | Enter the credentials to log in to the server. | + | |
sophos/dnat_rdp.1520808794.txt.gz · Last modified: 2018/03/11 23:53 by admin
Page Tools
