RDP access using PAT

Hello,

I am using a Cisco Firepower FTD 1010. The idea is to understand how to access RDP from Host A to Host B and vice versa.

The idea is to use NAT overload from inside to outside (PAT) and outside to inside.

thumbnail_image001.png


Accepted Solutions

@Himanshu_Dwivedi try the following (amending accordingly to fit your environment).

RobIngram_0-1680282415529.png

Also create an ACP rule that permits the traffic. Make sure you use the real IP address of Host B, not the translated IP address.

 


4 Replies

Thanks for your reply. Is this NAT rule for vice versa RDP access?

As per this rule I can see that Host B can simply RDP to Host A with the actual IP, but what IP will Host A use to RDP to Host B?

@Himanshu_Dwivedi no, Host B will be translated behind the outside interface IP address (as per your requirement).

Host A would connect to the NAT IP address, not the real IP address. In this example traffic is being translated behind the outside interface IP address (192.168.15.170), but you could define a different IP address in the 192.168.15.x network if you wished.
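Added example (not part of the original thread and not Cisco code): a small Python model of the inbound path described in the replies above, showing why the ACP rule has to name Host B's real IP when Host A connects to the mapped address. Only 192.168.15.170 comes from the thread; the other addresses, the rule layout and the un-translate-then-filter order are assumptions made to match that advice.

```python
from ipaddress import ip_address

# Constructed sample values; only the outside interface IP is from the thread.
OUTSIDE_IF_IP = ip_address("192.168.15.170")
HOST_B_REAL = ip_address("10.10.10.20")    # assumed inside (real) address of Host B
HOST_A = ip_address("192.168.15.50")       # assumed outside address of Host A
OTHER_HOST = ip_address("192.168.15.99")   # assumed unrelated outside host
RDP = 3389

# Static port translation: (mapped ip, mapped port) -> (real ip, real port)
STATIC_PAT = {(OUTSIDE_IF_IP, RDP): (HOST_B_REAL, RDP)}

def untranslate(dst_ip, dst_port):
    """Step 1: rewrite a mapped destination to the real one if a NAT rule matches."""
    return STATIC_PAT.get((dst_ip, dst_port), (dst_ip, dst_port))

def acp_permits(rules, src_ip, dst_ip, dst_port):
    """Step 2: first-match access control on the un-translated packet, default deny."""
    for rule in rules:
        if (rule["src"], rule["dst"], rule["port"]) == (src_ip, dst_ip, dst_port):
            return rule["action"] == "allow"
    return False

def inbound(rules, src_ip, dst_ip, dst_port):
    """Model one connection arriving on the outside interface."""
    real_ip, real_port = untranslate(dst_ip, dst_port)
    verdict = "forwarded" if acp_permits(rules, src_ip, real_ip, real_port) else "dropped"
    return (verdict, real_ip, real_port)

# ACP written against the real IP of Host B (as the reply advises).
ACP_REAL = [{"src": HOST_A, "dst": HOST_B_REAL, "port": RDP, "action": "allow"}]
# ACP written against the translated IP: never matches after un-translation.
ACP_MAPPED = [{"src": HOST_A, "dst": OUTSIDE_IF_IP, "port": RDP, "action": "allow"}]

if __name__ == "__main__":
    cases = [
        ("real-IP rule, Host A -> mapped:3389", ACP_REAL, HOST_A, RDP),
        ("mapped-IP rule, Host A -> mapped:3389", ACP_MAPPED, HOST_A, RDP),
        ("real-IP rule, other host -> mapped:3389", ACP_REAL, OTHER_HOST, RDP),
        ("real-IP rule, Host A -> mapped:445", ACP_REAL, HOST_A, 445),
    ]
    for label, rules, src, port in cases:
        print(label, inbound(rules, src, OUTSIDE_IF_IP, port))
```

Restricting the rule's source to Host A and the translation to port 3389 keeps the published RDP service from being reachable by other outside hosts or on other ports.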

Host A can access the real IP of Host B.

Host B can access using the mapped IP of Host A.

The FPR will NAT it to the real IP of Host A.

Note: NAT overload will not work here as it is unidirectional; you need static PAT 1:1 since it is bidirectional.
