Firewall Wizards mailing list archives

Nat+Port Forwarding

From: "Martin Schoeman" <martin () i-online co za>
Date: Fri, 14 Mar 2003 10:03:24 +0200

Hi

I have a W2K server on my internal LAN xxx.xxx.xxx.xxx (private ip) I
am using iptables and need to connect from the outside to the W2K
server using MS Terminal Service. I need to open and forward port 3389
TCP and UDP for this to work as far as I know

This is what I came up with so far.

*nat -A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination
xxx.xxx.xxx.xxx -A POSTROUTING -o eth0 -j SNAT --to-source
yyy.yyy.yyy.yyy(servers external card) p --dport 3389 -j DNAT
--to-destination xxx.xxx.xxx.xxx

*filter -A FORWARD -p tcp -m tcp --dport 3389 -j ACCEPT -A FORWARD -p
udp -m udp --dport 3389 -j ACCEPT -A INPUT -p tcp -m tcp -s 0/0
--dport 3389 -j ACCEPT -A INPUT -p udp -m udp -s 0/0 --dport 3389 -j
ACCEPT

Any help would be much appreciated 
Martin Schoeman







_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Nat+Port Forwarding Martin Schoeman (Mar 14)
- Re: Nat+Port Forwarding Amiel David (Mar 14)