Sonic Wall Problem with RDP, works for one port but not for the other.

Posted on 2006-06-01
Last Modified: 2012-08-13
Hi, I'm trying to help a friend who runs a sonic wall firewall.

It's been configured to route RDP/RDC to two seperate PC's depending on the port passed in. To hit computer A you use IP xxx.yyy.zzz.1:6000, to hit computer by you use IP xxx.yyy.zzz.1:7000. Everything was working fine until my friend hired a half-baked "network guy" to add an FTP hole, and suddenly one of the RDC forwards isn't working.

The RDC PC on port 7000 in question works fine inside the network when using the local ip:7000 (so, we've isolated it to the sonic wall). Working through the sonic wall settings, everything seems fine (nat translation, access list, etc). PC A and B both have similar settings, only with unique destination IP addresses that point to PC A and B respectively. I just don't get it!

I think something is overriding and blocking this one  IP, any suggestions where I can look?


Question by:TerryBurger
    LVL 15

    Expert Comment

    have you checked the forwarding rules?

    have you tried deleting the afflicted RDP rules and recreating?  how about changing the client PC to a new port and creating a new rule for this port?


    Author Comment

    I haven't deleted the rule or changed the port, but I guess those are decent ideas. Thanks.

    LVL 15

    Accepted Solution

    may have found your problem.  port 7200 is used by a particular protocol - fodms (not sure what it is).  when using ports for custom applications (like changing the listening port of the Remote Desktop Connection client) its best to use an unused port number.  I usually use ports in the 9010 - 9099 range.  The sonicwall may have gotten an update that blocks port 7200 by default if its found that port 7200 is a security risk.  you are best off rethinking the port you use for this.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
    Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now