0

I would like to make my VM which is in the test environment accessible from a specific Network (called FW_PRODUCTIVE) over RDP.

For doing that, I did make following steps:

  1. Create 1:1 NAT Rule
Interface = WAN
External IP = my pulic IP address
Internal IP = Internal IP address of my VM
Destination IP = *
  1. Create Firewall Aliases
Name = FW_PRODUCTIVE
Values = IP address of my producitve IP address

Name = Name_Of_my_VM
Values = Internal IP address of my VM
  1. Firewall Rule (WAN)
Protocol = IPv4 TCP
Source = FW_PRODUCTIVE (this is an alias) 
Port = *
Destination = Name_Of_my_VM (this is an alias)
Port = *
Gateway = *
Queue = None

Issue: Unfortunately I can't connect to the VM over RDP with his public IP.

My Questions:

  • Are there any steps missing?
  • How long does it usually take, until this change affects globally? Actually Im waiting now for 3 hours. Is there any chance to force it?
  • How can I check / troubleshoot, if I did made a correct configuration? Is there any tool. I do also have already configured example for another server. This works... but it was not configured by me. So maybe I can compare these two environments together with troubleshooting tools.
Community
  • 1
Baku Bakar
  • 97
  • 2
  • I'am not used to pfsense, but the destination IP is wrote *, does that mean the firewall rewrite it to be the inside IP ? As it must be if you want the rule to work – yagmoth555 Jan 30 '19 at 14:49
  • 1
    Here is the description: `The 1:1 mapping will only be used for connections to or from the specified destination. Hint: this is usually "Any".` - this setting is also set the same for another NAT entry, which is working well. – Baku Bakar Jan 30 '19 at 14:54
  • it should be ok, does the Windows firewall block the connection ? as it come outside the LAN by default it's blocked. Can you test without the windows firewall on – yagmoth555 Jan 30 '19 at 15:09
  • Unfortunately it still doesn't work, even firewall is disabled. I also tried after resetting connection states, but it didn't help too. – Baku Bakar Jan 30 '19 at 15:31
  • Is FW_PRODUCTIVE an public IP range too ? – yagmoth555 Jan 30 '19 at 15:40
  • Yes it is. This is the public IP address (IPv4) from the network, that I want to access from. – Baku Bakar Jan 30 '19 at 15:46

0 Answers0