Draytek RDP

Hi,

We have a Draytek 2820n i've been trying to enable RDP access to the server, i've setup the nat i'm confident that it's setup correctly well think i was anyway.

AP001192> srv nat showall
srv nat showall
Index   Proto   WAN IP:Port                 Private IP:Port             Act
*****************************************************************************
R01     TCP     -- ALL --:3389              192.168.31.3:3389           Y
R02     TCP     0.0.0.0:3389                192.168.31.3:3389           Y
R03     TCP     -- ALL --:443               192.168.31.3:443            Y
R04     TCP     -- ALL --:25                192.168.31.3:25             Y
R05     TCP     -- ALL --:80                192.168.31.3:80             Y
R06     TCP     -- ALL --:987               192.168.31.3:987            Y
R07     TCP     -- ALL --:143               192.168.31.3:143            Y
R08     TCP     -- ALL --:993               192.168.31.3:993            Y
R09     TCP     -- ALL --:11636             192.168.31.3:636            Y

This is how it looks and i've tried everything to get 3389 allowing but it's not working. I'm not too familar with Drayteks and it's all sort of guess work for this one i'm afraid can anyone point me down the right track.

I've checked the server side and this appears to allow rdp access.
LVL 1
Alex YoungAsked:
Who is Participating?
 
plug1Connect With a Mentor Commented:
The RDP connection should be set to use ALL as the wan port in the same way as the rest are, whats your reasoning in putting 0.0.0.0 in there? Also opening up 3389 on the wen is a massive safety concern, you should pick a random port and redirect that to 3389.
0
 
Craig BeckCommented:
Remove R02

Does the SMTP rule work?
Is the RDP server using the Draytek router as it's default gateway?
0
 
Alex YoungAuthor Commented:
Yeah everything works even owa works
0
 
Craig BeckCommented:
So is the firewall on the router configured correctly?

Also, is the firewall on the RDP server allowing connections on port 3389 from address ranges which aren't on your LAN?
0
 
Craig BeckCommented:
Hmmm, I don't understand why that worked... you already had the rule configured correctly at R01...
R01     TCP     -- ALL --:3389              192.168.31.3:3389           Y
R02     TCP     0.0.0.0:3389                192.168.31.3:3389           Y
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.