Thanks

 

We have a complicated set up everything PATs out a single address and we need to allow the upstream VPN connection which terminates at the upstream FW and RDPs into our Firewall to a specific desktop.  We don't control the VPN and our users are coming in from outside all firewalls. Currently the connection RDPs from the VPN termination ( not under our control ) to each desktop.

We want to change all desktops to  192.168.0.0 and keep the PAT

 

Hi

The solution does not address my problem.

I need to get into the Firewall from a VPN that currents RDPs.  It is not in the same networks and cannot DRP to a 192.168.0.0.

 

These requests are coming from outside and not initiated from inside.

 

Thank you

I need to get into the Firewall from a VPN that currents RDPs. It is not in the same networks and cannot DRP to a 192.168.0.0.

 

so you already have a site-to-site vpn between your firewall and remote firewall. you need to access the firewall from remote site (RDP)?

We are a part of a State Government. With a separate firewall and network from our IT Dept.
Our Dept of IT has a VPN for the whole of the state agencies. And grants us VPN access through their VPN to our network. We have about 8 users who need to VPN from the field in via this VPN. Currently they put the 164.64..x.10 address in Anyconnect, the VPN device then makes a RDP connection to our network where we allow the VPN subnet into specific hosts. We want to change the hosts to 192.168.x.x.
Users need to come from outside to their desktops through the VPN (which servers hundreds of users in many segments )
When the VPN connects to our firewall with traffic for a specific address it is let in.
When the VPN RDPs into our firewall looking for 164.64.x.10 how can my firewall connect that to the desktop with a 192.168.0.10 address.?
We don't want to allow anything else in from outside except these VPN connections. We control our Fw and our network not the VPN>
We are small and we are Patted to the outside.



Thank you