10-25-2007 02:05 PM - edited 03-11-2019 04:30 AM
I need to create two NAT statements and allow RDP connectivity.
One user needs to RDP to a particular computer inside the network (.114), and another user needs to RDP to a different computer (.177). Each user will be RDP'ing from their home locations.
How can I create NAT statements to automatically re-direct, depending on source IP? Both are on their own private networks, so I'm guessing overloading is required.
ie:
User1 was already able to RDP:
access-list ACL1 extended permit tcp host USER1_EXT_IP host 192.168.201.114 object-group RDPGroup
static (Internal-201,ELI-External) tcp interface 3389 192.168.201.114 3389 netmask 255.255.255.255
Now I need to add the new user, who wants to RDP to a different IP:
access-list ACL2 extended permit tcp host USER2_EXT_IP host 192.168.201.177 object-group RDPGroup
static (Internal-201,ELI-External) tcp interface 3389 192.168.201.177 3389 netmask 255.255.255.255
Obviously, this wouldn't work, because the two NAT statements would clash. What alternatives do I have? (VPN isn't an option)
10-26-2007 09:26 AM
Yeah, very strange.
The ACLs seem to be doing fine; the problem is with NAT.
This works:
static (Internal-201,ELI-External) tcp interface 3389 192.168.201.177 3389 netmask
This doesn't:
static (Internal-201,ELI-External) tcp HQ_EXT_IP 3389 192.168.201.177 3389 netmask 255.255.255.255
10-25-2007 10:05 PM
To make things clearer, I assume you have only one public IP, which should be used for both servers. You use the public IP assigned to the outside interface.
This could be achieved if the source public IP is static.
By having NAT bound with ACLs.
10-26-2007 08:08 AM
The destination has more than one public IP.
The source IP is static. How exactly would I bind the NAT/ACL?