Firewall blocks RDP connection
-
@grimson That's exactly the site where I found how to activate logging and how to see that it has a Red X.
I did the steps but it did not solve my issue.
-
@schalex said in Firewall blocks RDP connection:
@grimson That's exactly the site where I found how to activate logging and how to see that it has a Red X.
I did the steps but it did not solve my issue.
That site contains much more advice, work through it all. Read the pfSense book and use Google if you fail to understand parts (or all) of it.
https://www.netgate.com/docs/pfsense/book/
-
@grimson So in general do you have an idea about what could be the solution or do you just want to let me learn how to solve the issue?
If you have an idea I would be happy to discuss it. If you want to educate me and you have no clue how to help then I would be happy if you just stop writing in this thread!
-
Sure I know where the problem is, it's PEBCAK. And the solution is for you to gain the knowledge to actually understand what you are doing. So use the resources available and start working.
-
RDP using port 1234?
I'm impressed. That was the port I used to access a Windows server from the outside. I thought it was original.
Back then, I created this NAT rule:
Btw: the alias PowerEdge stands for 192.168.1.4 - a Windows server on my LAN.
The related firewall rule under the WAN interface was created automatically.
With this NAT rule I can connect from pfSense's WAN interface (somewhere from the Internet, actually) to my Windows server.
(Well, the truth is, I have an ISP router in front of my router, so I had to "NAT" on this one also: TCP port 1234 incoming to IP WAN pfSense, port 1234, but that's non-crucial information.)
NAT was fun for the last two decades, but it died for me when I discovered IPv6 and OpenVPN ....
-
@schalex
rule 12000 is blocking private networks
you must remove this rule from the WAN interface (Interfaces / WAN)
-
@konstanti you are great. Thank you very much for this great feedback.
I was so frustrated after @Grimson's advice that I changed pfSense to my old OpenWRT router.
I needed a fast solution because my employees could not work for one day already because of this situation.
I decided that my skills are not good enough for such sophisticated software and I have to say that in OpenWRT it took me maybe 1 hour to configure everything and it is just working perfectly :-)
Therefore I think it was the best solution for me.
But @Konstanti and @Gertjan thank you so much for your great support. That is exactly what I hoped for.
-
@schalex If your problem is urgent and your business relies on it, I might suggest getting support from Netgate. You would have been up & running in under an hour.
-
Hummm. This was a puzzle in a puzzle.
Didn't understand the answer of @Konstanti.
Then I focused on "120000", a rule number that exists for all of us, under 'special' conditions.
@schalex said in Firewall blocks RDP connection:
When I go on the Red X I get the message "block/12000".
@Schalex: asking the WAN to block local IP addresses (192.168.1.x and family) if you have a router (the ISP router) in front of a router (pfSense), that will kill (99.9999999 %) of all incoming NAT connections (because they will be 'local').
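Added example, not part of the thread and not pfSense code: one way to check from raw firewall log lines whether the "block/12000" entries discussed above are connection attempts arriving on the WAN from private source addresses. The comma-separated field order, the interface name em0 and all addresses in the sample are assumptions constructed for illustration; 12000 is the number quoted in the thread.

```python
import ipaddress

# Tracker number quoted in the thread for the WAN "block private networks" rule.
BLOCK_PRIVATE_TRACKER = "12000"
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample lines (not from the thread). Assumed IPv4 field order:
# rule,subrule,anchor,tracker,iface,reason,action,dir,ipver,tos,ecn,ttl,id,
# offset,flags,proto_id,proto,length,src,dst,sport,dport,datalen,...
SAMPLE_LOG = """\
5,,,12000,em0,match,block,in,4,0x0,,127,4211,0,DF,6,tcp,52,192.168.0.50,192.168.1.4,50522,1234,0,S,1000,,64240,,mss
5,,,12000,em0,match,block,in,4,0x0,,127,4212,0,DF,6,tcp,52,192.168.0.50,192.168.1.4,50522,1234,0,S,1000,,64240,,mss
9,,,1000000103,em0,match,block,in,4,0x0,,52,9911,0,DF,6,tcp,60,203.0.113.7,192.168.0.2,40100,23,0,S,2000,,29200,,mss
77,,,1540000000,em0,match,pass,in,4,0x0,,118,7001,0,DF,6,tcp,52,198.51.100.9,192.168.1.4,51000,1234,0,S,3000,,64240,,mss
"""


def parse_line(line):
    """Return the fields needed for triage, or None for lines we skip."""
    f = line.strip().split(",")
    if len(f) < 20 or f[8] != "4":      # too short, or not IPv4
        return None
    rec = {"tracker": f[3], "action": f[6], "src": f[18], "dport": None}
    if f[16] in ("tcp", "udp") and len(f) > 21 and f[21].isdigit():
        rec["dport"] = int(f[21])
    return rec


def private_source_drops(log_text, tracker=BLOCK_PRIVATE_TRACKER):
    """Count blocks by `tracker` whose source is RFC 1918, per (src, dport)."""
    hits = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["action"] != "block" or rec["tracker"] != tracker:
            continue
        src = ipaddress.ip_address(rec["src"])
        if any(src in net for net in RFC1918):
            key = (rec["src"], rec["dport"])
            hits[key] = hits.get(key, 0) + 1
    return hits


if __name__ == "__main__":
    for (src, dport), n in private_source_drops(SAMPLE_LOG).items():
        print(f"{n} attempt(s) from private source {src} to port {dport} "
              f"blocked by tracker {BLOCK_PRIVATE_TRACKER}")
```

In the constructed sample, only the two attempts from 192.168.0.50 to port 1234 are reported; the block by a different tracker and the passed connection from a public address are ignored.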