Solved

Draytek RDP

Posted on 2013-10-30
5
449 Views
Last Modified: 2014-04-30
Hi,

We have a Draytek 2820n i've been trying to enable RDP access to the server, i've setup the nat i'm confident that it's setup correctly well think i was anyway.

AP001192> srv nat showall
srv nat showall
Index   Proto   WAN IP:Port                 Private IP:Port             Act
*****************************************************************************
R01     TCP     -- ALL --:3389              192.168.31.3:3389           Y
R02     TCP     0.0.0.0:3389                192.168.31.3:3389           Y
R03     TCP     -- ALL --:443               192.168.31.3:443            Y
R04     TCP     -- ALL --:25                192.168.31.3:25             Y
R05     TCP     -- ALL --:80                192.168.31.3:80             Y
R06     TCP     -- ALL --:987               192.168.31.3:987            Y
R07     TCP     -- ALL --:143               192.168.31.3:143            Y
R08     TCP     -- ALL --:993               192.168.31.3:993            Y
R09     TCP     -- ALL --:11636             192.168.31.3:636            Y

This is how it looks and i've tried everything to get 3389 allowing but it's not working. I'm not too familar with Drayteks and it's all sort of guess work for this one i'm afraid can anyone point me down the right track.

I've checked the server side and this appears to allow rdp access.
0
Comment
Question by:Alex Young
  • 3
5 Comments
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39611938
Remove R02

Does the SMTP rule work?
Is the RDP server using the Draytek router as it's default gateway?
0
 
LVL 1

Author Comment

by:Alex Young
ID: 39612019
Yeah everything works even owa works
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39612042
So is the firewall on the router configured correctly?

Also, is the firewall on the RDP server allowing connections on port 3389 from address ranges which aren't on your LAN?
0
 
LVL 14

Accepted Solution

by:
plug1 earned 500 total points
ID: 39613460
The RDP connection should be set to use ALL as the wan port in the same way as the rest are, whats your reasoning in putting 0.0.0.0 in there? Also opening up 3389 on the wen is a massive safety concern, you should pick a random port and redirect that to 3389.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40031753
Hmmm, I don't understand why that worked... you already had the rule configured correctly at R01...
R01     TCP     -- ALL --:3389              192.168.31.3:3389           Y
R02     TCP     0.0.0.0:3389                192.168.31.3:3389           Y
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now