Re: [suse-security] Susefirewall2 rdp access nightmare

On Thursday 06 October 2005 09:46, engelbert.gruber@xxxxxxxxx wrote:

> how is your network layout ?
>   internet --- fw --- internal
> where are the rdp servers (from above it sounds like one is internal and
> some are external).
> do you have NAT active ? if so you need something to forward connections
> to the inside server.
> try from internal first :
> * is protect from internal active ?
> * is routing active ?
> cheers

OK ! is internal <-->$EXTIP <--> Internet
I have a pc <--> -- $EXTIP <---> Internet <--> Remote PC

I have added these rules as suggested earlier by Taras (Thanks)
I can access the remote PC over the internet, but it still can't access my
internal PC.

iptables -t nat -A PREROUTING -i eth1 -p tcp -s 0/0 -d --dport 3389 -j DNAT --to-destination

iptables -t nat -A POSTROUTING -s -o eth1 -j SNAT --to-source

iptables -A FORWARD -s -d 0/0 -j ACCEPT

Seems I am missing a redirect or something?
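
Added example, not part of the original message: a connection rewritten by DNAT in PREROUTING is then routed through the FORWARD chain with its new destination, so it needs an accept rule there in addition to the NAT rule. The script below only prints a complete rule set for that case. The interface name matches the post, but every address (192.0.2.10, 10.0.0.0/24, 10.0.0.5) and both function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules that forward inbound RDP
# to one internal host. Addresses used at the bottom are constructed samples.
# Routing must be on for any of this to work: net.ipv4.ip_forward=1.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# rdp_forward_rules EXT_IF EXT_IP INT_NET INT_HOST [PORT]
rdp_forward_rules() {
    ext_if=$1 ext_ip=$2 int_net=$3 int_host=$4 port=${5:-3389}
    valid_ipv4 "$ext_ip" && valid_ipv4 "$int_host" || {
        echo "invalid address" >&2; return 1; }
    cat <<EOF
# 1. Rewrite the destination of inbound RDP before the routing decision.
iptables -t nat -A PREROUTING -i $ext_if -p tcp -d $ext_ip --dport $port -j DNAT --to-destination $int_host:$port
# 2. Accept the rewritten connection in FORWARD; it now targets the internal host.
iptables -A FORWARD -i $ext_if -p tcp -d $int_host --dport $port -m conntrack --ctstate NEW -j ACCEPT
# 3. Accept replies and follow-up packets of tracked connections.
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# 4. Outbound traffic from the internal network, source-NATed to the external IP.
iptables -A FORWARD -s $int_net -o $ext_if -j ACCEPT
iptables -t nat -A POSTROUTING -s $int_net -o $ext_if -j SNAT --to-source $ext_ip
EOF
}

# Constructed sample values (documentation and private ranges).
rdp_forward_rules eth1 192.0.2.10 10.0.0.0/24 10.0.0.5
```

SuSEfirewall2 rebuilds its rule set when it restarts, so rules added by hand do not persist; its own setting for this kind of forward is FW_FORWARD_MASQ in /etc/sysconfig/SuSEfirewall2.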

