Redirect 1 WAN IP to Multiple Internal Hosts for Port 3389



  • Good Morning All!  This is my first time creating a post after using this forum for a long time for help.  If this isn't the correct place for this thread, please move it.

    My setup is pretty simple:

    Small HP MicroServer N54L with 2 physical NICs running VMware ESXi with 3-4 VMs:

    • pfSense with a LAN/WAN NIC

    • Windows Server 2012 on LAN

    • Linux box for dev stuff

    I have one external IP and a Namecheap DNS name that I have been using Squid to redirect port 80/443 traffic to subdomains inside LAN.
    The server is running DNS, AD Authentication, IIS web, File/Print, typical stuff. Kind of a multi purpose server, but it does the job for what I need.

    Examples:
    FTP.hostname.com -> web server FTP site
    www.hostname.com -> web server WWW site
    mail.hostname.com -> went to a small Exchange server I was testing
    laptop.hostname.com -> goes to a test IIS site on a laptop inside my home

    HTTP, HTTPS.. they all worked fine. My question is, is it possible to redirect RDP traffic in this way?

    RDP to laptop.hostname.com -> RDPs into laptop
    RDP to www.hostname.com -> RDPs into the server

    I know we can do 1:1 over port 3389 or even change the port on the local workstation so I could do

    RDP to www.hostname.com -> one workstation
    RDP to www.hostname.com:3390 -> another workstation

    But I don't want to worry about ports.

    Does this make sense?



  • If you want to remotely connect to a number of workstations using the one public IP address, you are going to have to use different ports port-forwarded to the proper devices.  Either that or perhaps look into running a Remote Desktop Gateway.



  • So there is no squid-like package for RDP ports?

    Squid does single WAN IP to multiple host redirect for port 80/443. Wasn't sure if there was something similar for other ports (in particular, 3389).



  • As far as I know, squid in pfSense is a simple caching server.  There are no redirection options other than forwarding requests to an upstream proxy.  Or were you talking about squid3 reverse proxy?

    Anyway, I don't know why you're averse to using ports in your RDP config.  Just create a few RDP shortcuts (or use mRemoteNG) for each of your servers that you need to connect to and be done with it.



  • Yes, sorry. Squid Reverse Proxy.

    I didn't want to have to remember 'server 1 port 3389, server 2 port 3390, server 3 port 3391'.



  • Which is why you use RDP shortcuts or some kind of management app like mRemoteNG.  I manage about 50 servers, and I'd be lost if I had to rely on the RDP app.



  • Oh, well, yeah. I have RDO (Remote Desktop Organizer) but that's still a one-machine solution that you'd have to keep in mind.



  • mRemoteNG is portable, easily fits on a USB stick or via Dropbox/Box

    http://www.mremoteng.org/


  • Moderator

    +1 for mRemoteNG. Makes managing devices so simple.
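
The one-WAN-port-per-host forwarding and the per-server RDP shortcuts suggested in the thread can be generated together so nobody has to remember which port belongs to which machine. This is an added example, not code from any poster; the LAN addresses, shortcut names and function names are assumptions, and www.hostname.com is the placeholder name used in the thread.

```python
import re

RDP_PORT = 3389  # port the Windows hosts listen on inside the LAN

def plan_forwards(internal_hosts, first_wan_port=3389):
    """Give each internal host its own WAN port, in insertion order.

    internal_hosts maps a shortcut name to a LAN address (constructed values).
    Returns one dict per host describing the port-forward rule to create.
    """
    plan = []
    for offset, (name, lan_ip) in enumerate(internal_hosts.items()):
        # Names become file names, so allow only a conservative character set.
        if not re.fullmatch(r"[A-Za-z0-9_-]+", name):
            raise ValueError(f"unsafe shortcut name: {name!r}")
        wan_port = first_wan_port + offset
        if wan_port > 65535:
            raise ValueError("ran out of TCP ports")
        plan.append({"name": name, "wan_port": wan_port,
                     "lan_ip": lan_ip, "lan_port": RDP_PORT})
    return plan

def rdp_file_text(public_host, wan_port):
    """Contents of a .rdp shortcut that targets public_host on wan_port."""
    return "\r\n".join([
        f"full address:s:{public_host}:{wan_port}",
        "authentication level:i:1",    # do not connect if server authentication fails
        "prompt for credentials:i:1",  # always ask; no stored password
    ]) + "\r\n"

def build_shortcuts(public_host, internal_hosts, first_wan_port=3389):
    """Map '<name>.rdp' to file contents for every host in the plan."""
    return {f"{rule['name']}.rdp": rdp_file_text(public_host, rule["wan_port"])
            for rule in plan_forwards(internal_hosts, first_wan_port)}

if __name__ == "__main__":
    # Constructed LAN addresses for the server and laptop described in the thread.
    hosts = {"server": "192.168.1.10", "laptop": "192.168.1.20"}
    for rule in plan_forwards(hosts):
        print(f"WAN tcp/{rule['wan_port']} -> {rule['lan_ip']}:{rule['lan_port']}")
    for filename, text in build_shortcuts("www.hostname.com", hosts).items():
        with open(filename, "w", newline="") as fh:
            fh.write(text)
```

The printed lines are the port-forward rules to create on the firewall by hand; appending new hosts to the end of the mapping keeps existing port assignments stable.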