Re: [suse-security] Susefirewall2 rdp access nightmare
On Thursday 06 October 2005 09:46, engelbert.gruber@xxxxxxxxx wrote:
> how is your network layout ?
>
>
> internet --- fw --- internal
>
> where are the rdp servers (from above it sounds like one is internal and
> some are external).
>
> do you have NAT active ? if so you need something to forward connections
> to the inside server.
>
> try from internal first :
>
> * is protect from internal active ?
> * is routing active ?
>
> cheers
OK !
196.100.100.0/24 is internal <--> 196.100.100.208---$EXTIP <--> Internet
I have a pc 196.100.100.2 <--> 196.100.100.208 -- $EXTIP <---> Internet <--> Remote PC
I have added these rules as suggested earlier by Taras (Thanks)
I can access the remote PC over the internet, but it still can't access my
internal PC.
iptables -t nat -A PREROUTING -i eth1 -p tcp -s 0/0 -d 196.31.62.99 --dport 3389 -j DNAT --to-destination 196.100.100.2:3389
iptables -t nat -A POSTROUTING -s 196.100.100.0/24 -o eth1 -j SNAT --to-source 196.31.62.99
iptables -A FORWARD -s 196.100.100.2 -d 0/0 -j ACCEPT
Seems I am missing a redirect or something?
--
Chadley Wilson
Production Line Superintendent
Pinnacle Micro
Manufacturers of Proline Computers
====================================
Exercise freedom, Use LINUX
=====================================
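
Added example, not part of the original message: a shell/awk check run over the three rules quoted in the post. It prints every DNAT target that no FORWARD ACCEPT rule admits for a new inbound connection, assuming the FORWARD chain drops whatever is not explicitly accepted. The function names and the simplified matching (no interface or port-range handling) are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread): print DNAT targets that no FORWARD
# ACCEPT rule admits. Reads iptables commands on stdin, one rule per line.
# Assumption: the FORWARD chain drops whatever is not explicitly accepted.
page_rules() {          # the three rules as posted in the message
    cat <<'EOF'
iptables -t nat -A PREROUTING -i eth1 -p tcp -s 0/0 -d 196.31.62.99 --dport 3389 -j DNAT --to-destination 196.100.100.2:3389
iptables -t nat -A POSTROUTING -s 196.100.100.0/24 -o eth1 -j SNAT --to-source 196.31.62.99
iptables -A FORWARD -s 196.100.100.2 -d 0/0 -j ACCEPT
EOF
}
unforwarded_dnat() {
    awk '
    function ip2n(ip,  o) {                     # dotted quad -> integer
        split(ip, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    function covers(spec, ip,  p, len, div) {   # is ip inside spec?
        if (spec == "" || spec == "0/0") return 1
        len = (split(spec, p, "/") == 2) ? p[2] + 0 : 32
        div = 2 ^ (32 - len)
        return int(ip2n(p[1]) / div) == int(ip2n(ip) / div)
    }
    function opt(name,  i) {                    # value following an option, or ""
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    opt("-j") == "DNAT" {
        split(opt("--to-destination"), t, ":")
        host[++n] = t[1]; port[n] = t[2]
    }
    opt("-A") == "FORWARD" && opt("-j") == "ACCEPT" {
        st = opt("--state") opt("--ctstate")
        if (st != "" && st !~ /NEW/) next       # cannot admit a new connection
        fdst[++m] = opt("-d"); fsrc[m] = opt("-s"); fport[m] = opt("--dport")
    }
    END {
        for (i = 1; i <= n; i++) {
            ok = 0
            for (j = 1; j <= m; j++)
                # After DNAT the packet has dst = internal host, src = any remote.
                if (covers(fdst[j], host[i]) &&
                    (fsrc[j] == "" || fsrc[j] ~ /\/0$/) &&
                    (fport[j] == "" || fport[j] == port[i])) ok = 1
            if (!ok) print host[i] ":" port[i]
        }
    }'
}
page_rules | unforwarded_dnat   # prints 196.100.100.2:3389
```

The posted FORWARD rule matches only packets sourced from 196.100.100.2, so the check reports the DNAT target as having no rule that admits the inbound connection.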