See previous post

Dan,

Are your source IPs 192.168.1.x and your destination IP 12.x.x.x.? If so, NAT will have to be implemented since 192.168.1.x are reserved for private IPs and private IPs cannot connect to "public" IPs without using NAT. I noticed the line in your configuration that read:

Send to Local Server (DNAT IP):

What device does this IP belong to? Are you currently utilizing NAT on this device?

Can you provide some sort of network topology that can assist in the troubleshooting? It will be helpful to know how the devices all interconnect and what IPs (edited, of course) they have.

What IPs can you ping, if any?

The network is configured as follows:

We are using a T1 modem that connects to the Cisco RV120W.  Attached to the Cisco router is a local hub and a server (IP: 192.168.1.40).  We have two users that connect remotely to that server.  The 12.aaa.aaa.aaa IP address is the external address that should forward to our server.  I do not know what NAT is, but it is probably erroneously set up.

So the users that connect remotely to that server, are they located on the local hub? Can they successfully connect to the 192.168.1.40? By the way, you might want to think about replacing the hub with a little switch to eliminate collisions.

Okay, so the 12.aaa.aaa.aaa is trying to hit the 192.168.1.40, and it will be coming from the T1, correct?

NAT is Network Address Translation. What it does, for example, is take an "inside" address (something like your 192.168.1.x subnet) and allows it to be "converted" to an "outside" IP (something like your 12.aaa.aaa.aaa). It can also work in the reverse, too. If you are needing the 12.aaa.aaa.aaa to be able to hit the 192.168.1.40, then you may want to see if you can take that one 12.aaa.aaa.aaa address and NAT it to one of your available 192.168.1.x addresses.

If your problem is with your local users not being able to hit the server, then NAT won't be the fix for it. Essentially you would have to create a rule that says allow the two IPs that are supposed to hit the 1.40 server through the firewall only through port 3389 (RDP) and block all other attempts from those and any other users. Does that make sense?

The users that connect remotely are not on the local hub, they access the server through a remote desktop connection off premises.  So it sounds like I need to set up a NAT that will link the local server's IP address (192.168.1.40) to the outside IP address 12.aaa.aaa.aaa.  My computer is on the local hub and I can connect to the server on the local 192.168.x.x IP address, but if I try to get a remote desktop connection to the outside IP address 12.x.x.x I am unable to connect.

Where would I set up the NAP link?

BTW, thank you so much for putting up with my newbie questions.

Dan,

Please visit the following site to assist with setting up NAT on your RV120W: http://www.cisco.com/en/US/docs/routers/csbr/rv120w/administration/guide/rv120w_admin.pdf

This appears to be a great document that should be able to answer all of your questions.

No worries on the "newbies" part. We were all newbies at one time or another; besides, that's what these forums are for.

I hope the link I have provided will help you successfully set up NAT and that it solves your problems. Keep me in the know.