Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1002
Views
2
Helpful
12
Replies

Portforwarding Cisco RV340

BdeBoer
Level 1
Level 1

‎09-19-2023 01:01 AM - edited ‎09-19-2023 01:09 AM

Dear All,

I am running in to a problem and i cannot seem to wrap my head arround it.

I have two servers in my network, i want to access the servers true RDP. What i want to do is the following.

Service Management Port
Server1RDP port: 3389
Server2RDP port: 3390

Firewall rules Server1:
Forwarding Rule: External port: Server1RDP Internal port: Server1RDP Internal IP: 192.168.10.5 Interfaces: Any
Access rule: Action: Allowed Services: Server1RDP Source Interface: WAN1 Source: 123.123.123.123 (Public ip adres that is allowed to connect to the server) Destination Interface: VLAN1 Destination: 192.168.10.5
Acces rule: Denied Services: server1RDP Source Interface: WAN1 Source: Any Destination Interface: VLAN1 Destination: Any

Firewall rules Server2:
Forwarding Rule: External port: Server2RDP Internal port: Server1RDP(internal port is 3389 so thats why i use the service port of Server1) Internal IP: 192.168.10.10 Interfaces: Any
Access rule: Action: Allowed Services: Server2RDP Source Interface: WAN1 Source: 123.123.123.123 (External ip adres that is allowed to connect to the server) Destination Interface: VLAN1 Destination: 192.168.10.10
Acces rule: Denied Services: server2RDP Source Interface: WAN1 Source: Any Destination Interface: VLAN1 Destination: Any

Server1 is working fine, but Server2 is not working, the only way i get this to work is to let the Server2 listen to 3390 on RDP instead of 3389 and change the portforwarding rule to Server2RDP external port and internal port.

With all my other firewalls not from Cisco i can do a portforwarding/porttranslation from 3390 external to 3389 internal, its a common thing to do i think, but i cant seem to get it to work on a RV340, probably the way im doing it is wrong, hopefully someone can direct me in the right way.

With kind regards,

Bas

Labels:
0 Helpful
12 Replies 12

Aref Alsouqi
VIP
VIP

‎09-19-2023 01:16 AM

Seems that you would need to use the built-in RDP port created on the router:

https://community.cisco.com/t5/routers-small-business/rv340-how-do-create-a-port-forwarding-rule-with-port-translation/td-p/3797347

 

0 Helpful

BdeBoer
Level 1
Level 1
In response to Aref Alsouqi

‎09-19-2023 01:19 AM

That is what i allready did, for the explaining part i named it Server1RDP but im using the default RDP port. And that works fine with Server1, but that doesnt solve my problem with Server2.

0 Helpful

Aref Alsouqi
VIP
VIP

‎09-19-2023 01:25 AM

I would try to do some packet capture on the server2 side and see if the traffic received by the router is actually being translated to port 3389, if not it could potentially be a bug on that software release. Did you try to check if the release running on that router is the latest recommended?

0 Helpful

BdeBoer
Level 1
Level 1
In response to Aref Alsouqi

‎09-19-2023 01:32 AM

I checked the router and is running the latest Firmware.

I will do the captur and let you know what i found.

BdeBoer
Level 1
Level 1
In response to Aref Alsouqi

‎09-19-2023 02:05 AM

I captured the packets from WAN1 and then from LAN. When i connect RDP i see the request on the WAN1 capture but it wil not on the LAN. When i capture Server1RDP i see the requests both on WAN1 and LAN.

0 Helpful

Aref Alsouqi
VIP
VIP
In response to BdeBoer

‎09-19-2023 02:42 AM

Then I would take it as the router is not doing what it should and maybe is hitting a software bug. Could you please share the screenshots of the configs you're trying to apply for review?

0 Helpful

BdeBoer
Level 1
Level 1
In response to Aref Alsouqi

‎09-19-2023 02:56 AM - edited ‎09-19-2023 02:57 AM

Here by the screenshot of my config. 

Preview file
103 KB
0 Helpful

Aref Alsouqi
VIP
VIP
In response to BdeBoer

‎09-19-2023 03:41 AM

I can't see anything wrong with that config, the only thing that I would probably try would be to select the interface WAN1 in the port forwarding table.

0 Helpful

BdeBoer
Level 1
Level 1

‎09-19-2023 03:50 AM

I changed the interface from ANY to WAN1 and it didnt make any difference.

It's realy strange, it's not the first time i had this problem, but never made a topic of it. I allways worked arround this problem, but it seems so simple, and all other brand firewall's we have can do this without any trouble. I know this device is not for sale anymore, and Cisco stopt making small router solutions. But it would be nice to solve this maybe in a future firmware upgrade, if those are still made/supported.

0 Helpful

Aref Alsouqi
VIP
VIP
In response to BdeBoer

‎09-19-2023 04:21 AM

I agree. Did you try to flip the port forwarding around making port 3390 hitting server1 and 3389 hitting server2. I know it doesn't make much sense, but please give it a try.

BdeBoer
Level 1
Level 1

‎09-19-2023 04:27 AM

I tried that myself before, the problem goes from Server2 to Server1. 

Even if it not make sense its sometimes the best solution ;)~ Thanks for your suggestions so far!

0 Helpful

Aref Alsouqi
VIP
VIP
In response to BdeBoer

‎09-19-2023 04:39 AM

You're welcome, and sorry I couldn't help on this.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card