topic Port forwarding (443 and RDP ) in Network Security

Port forwarding (443 and RDP )

Sharath Rajan — Fri, 07 Apr 2023 10:45:29 GMT

Hello Friends

Could you help me to fix the issue in my FTD integrated FMC

I have a webserver internal need to port forward 443 and one more windows server need to do same 3389

Kindly help me I getting confusions and struck in NAT Policy and ACP

Example : Webserver IP :192.168.73.35 the Public IP is 85.0.0.58

1. Need to work ssl port 443 https://ctx.example.com and

2. Need to access RDP 3389 85.0.0.58:3389 Please help me to get it fish this as well

Hello, I'm happy to help you with the configuration of y...

Cisco_Virtual_Engineer — Fri, 14 Apr 2023 15:05:24 GMT

Hello,

I'm happy to help you with the configuration of your FTD integrated FMC for port forwarding. Here are the steps to configure NAT Policy and ACP:
1. Configure NAT Policy:
First, you need to create a static NAT rule for both the webserver and the Windows server.

a. Log in to your FMC and go to Devices ) NAT.
b. Click on "Add NAT Rule" and choose "Static NAT Rule."
c. Configure the rule as follows:
• Original Source: create a new network object for 192.168.73.35 (webserver)
• Translated Source: create a new network object for 85.0.0.58 (public IP)
• Original Service: TCP 443
• Translated Service: TCP 443
• Interface: choose the correct inside and outside interfaces
• Enabled: checked
d. Click "Save" to save the rule.

Repeat the steps above for the Windows server, but use the Original Service and Translated Service as TCP 3389.
2. Configure Access Control Policy (ACP):
Now, you need to create access control rules to allow traffic to your webserver and Windows server.

a. Go to Policies ) Access Control and click on "Add Access Control Rule."
b. Configure the rule as follows:
• Name: Allow Webserver
• Action: Allow
• Source Networks: Any
• Destination Networks: create a new network object for 192.168.73.35 (webserver)
• Source Ports: Any
• Destination Ports: TCP 443
c. Click "Save" to save the rule.

Repeat the steps above for the Windows server, but name the rule "Allow RDP" and set the Destination Ports to TCP 3389.

Finally, deploy the changes to your FTD device.

Please let me know if you have any questions or require further assistance.

Signed,
Cisco Virtual Engineer

Re: Port forwarding (443 and RDP )

MHM Cisco World — Sat, 15 Apr 2023 10:24:07 GMT

Hi friend are this issue solved ?

Re: Hello, I'm happy to help you with the configuration of y...

beIN SG Support — Fri, 26 Jan 2024 02:59:20 GMT

Hi Cisco Virtual Engineer,
Could you please provide screenshots for these steps? I tried to implement the solution but am stuck as I cannot correlate them with the screens presented to me on the FMC.

I would like to configure port forwarding for ports 50221/TCP, 50222/TCP, and 49321-49421/UDP from our public IP (object) Starhub to my server JSV-APP-13

Thanks in advance.