03-31-2023 10:00 AM - edited 03-31-2023 10:08 AM
Hello,
I am using a Cisco Firepower FTD 1010. The idea is to understand how to access RDP from Host A to Host B and vice versa.
The idea is to use NAT overload from inside to outside (PAT) and outside to inside.
03-31-2023 10:12 AM
@Himanshu_Dwivedi try the following (amending accordingly to fit your environment).
Also create an ACP rule that permits the traffic. Make sure you use the real IP address of Host B, not the translated IP address.
03-31-2023 10:24 AM
Thanks for your reply. Is this NAT rule for vice versa RDP access?
As per this rule I can see that Host B can simply RDP to Host A with the actual IP, but what IP will Host A use to RDP to Host B?
03-31-2023 10:28 AM
@Himanshu_Dwivedi no, Host B will be translated behind the outside interface IP address (as per your requirement).
Host A would connect to the NAT IP address, not the real IP address. In this example traffic is being translated behind the outside interface IP address (192.168.15.170), but you could define a different IP address in the 192.168.15.x network if you wished.
03-31-2023 10:37 AM - edited 03-31-2023 11:00 AM
HostA can access the real IP of HostB.
HostB can access using the mapped IP of HostA.
The FPR will NAT it to the real IP of HostA.
Note: NAT overload will not work here, as it is unidirectional; you need static PAT 1:1 since it is bidirectional.