11-09-2010 08:22 PM
Every example I've found for setting up inbound port mapping (KB11910) is always http or ftp both of which I have working with my cable modem single external IP which is also the untrusted Eth 0/0 address. I have followed numerous threads and KB's for using VIP in this scenario to forward ports to inside hosts but for services I created in the web ui they don't work. Is this a common error or do you need to see my config file. BTW, what should I redact when posting besides my external IP?
11-09-2010 09:15 PM
I figured it out. I went back to policies and edited the VIP(ethernet0/0) policy and clicked edit and then next to service clicked the Multiple button and added the services I created. I did this once before but must have had something else wrong because it didn't appear to work.
I'm using the CLI to read the setups but web UI to edit.
11-10-2010 06:10 AM
Everything port forwarded in VIP except Remote Desktop Protocol. I assume that there is either ALG or I have to use a built in service. I'm trying to port map 33892 to 3389 to an inside host
Can anyone tell me the best way to setup RDC for 10 hosts? I map 33890 thorugh 33899 to a set of 10 host ip's inside at 3389. 33891 takes me to 192.1168.1.2 - 33892 takes me to 192.168.1.3 etc.
11-11-2010 01:21 PM
There shouldn't be anything special needed to be able to port forward to 3389. I don't think any ALGs come into play here but if there are you could do a debug nat gate and a debug asp all and then debug flow basic on your src and dst, in the db stream you should see the policy hitting the ALG.
I would change the listener port on the hosts say 3389-3399.