Cannot RDP to ISA server from external connection.

Windows SBS 2003 has ISA installed, and used to route RDP requests to a terminal server.  I would like to provide remote access directly to the SBS server instead now.  The router IP is 10.0.0.1, the external NIC on the SBS is 10.0.0.253 (internal is 192.168... but not used anymore).  In the router, I enable RDP to 10.0.0.253 (port 3389).  Yet I cannot RDP to the server from an external connection.  Even if I stop the ISA and Windows Firewall services, I still cannot RDP to to the server from an external connection.  Internal RDP connections work fine if I plug in to the 192.168.... line.  What is preventing me from RDPing to the SBS server?  
LVL 1
RadRichieAsked:
Who is Participating?
 
ee_autoConnect With a Mentor Commented:
Question PAQ'd, 300 points refunded, and stored in the solution database.
0
 
coredatarecoveryCommented:
The external nic at 10.0.0.253 is an internal address.

You MUST forward your External packets for port 3389 on the physical Internet address side of the firewall to your 10.0.0.253 internal address.

Can you log into your firewall device?
0
 
coredatarecoveryCommented:
you need to add a pass thru for port 3389 in your firewall to forward your packets to your internal ip address of the server.

10.x.x.x is a private address.

If you need you IP address http://www.coredatarecovery.com/ip.shtml will echo back your IP address

This is the IP address (Once the pass thru is setup that will be used from outside to access the rdp)

you can check your connection with a port scan from the web at www.grc.com

0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
RadRichieAuthor Commented:
The router advanced settings have RDP mapped to 10.0.0.253, the "external" IP from ISA's perspective.
If I turn off the MIcrosoft firewall service, I can RDP from the server to itself (10.0.0.253), but not to it from an external line.  
0
 
RadRichieAuthor Commented:
This is fixed.  ISA server had one of many RDP rules that mapped RDP to the old terminal server.  Once the IP address in that rule was changed to the SBS, RDP from external worked fine.
0
 
coredatarecoveryCommented:
Very Cool.
0
 
coredatarecoveryCommented:
I'm glad to have been of service to you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.