I have set up a DNAT. This is used to connect to a Windows Terminal Server.
I have set up an Availability Group with 5 different hosts configured. These are all external addresses with 2 being the public address of business partners.
For some reason I am getting dropped packets from some of these hosts.
On the DNAT I have the following:
Position 1
Traffic Source = GP ALLOWED (This contains the hosts)
Traffic Service = Microsoft Remote Desktop (RDP)
Traffic Destination = EXTERNAL WAN (The address of the public address of the TS Box)
NAT MODE = DAT (Destination)
Destination = INTERNAL TS SERVER
Destination Service = Microsoft Remote Desktop (RDP)
Log = enabled
Automatic Firewall = enabled
I have checked the addresses of the hosts in the access group. These match the address on the firewall logs.
The interesting thing is that when I change the source to be ALL, the DNAT works.
Am I missing something?
EDIT:
I am running an ASG120 and the latest version as of today (8.305).
In the firewall log I can see that the clients that are allowed through show "fwrule=60021" action=log, and the clients that are blocked have "fwrule=60001" action=drop.
Is there some kind of default rule blocking this somewhere?
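The check described in the post (comparing the sources in the firewall log against the members of the group), as an added example that is not part of the original post. The log lines and group members are constructed, and the key="value" layout and the `srcip` and `dstport` field names are assumptions; only the `fwrule` and `action` values come from the post.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines. The key="value" layout and the srcip/dstport field
# names are assumptions; only the fwrule and action values come from the post.
SAMPLE_LOG = '''\
2012:06:01-09:14:02 asg ulogd[4120]: action="log" fwrule="60021" srcip="198.51.100.10" dstport="3389"
2012:06:01-09:14:40 asg ulogd[4120]: action="drop" fwrule="60001" srcip="203.0.113.77" dstport="3389"
2012:06:01-09:15:05 asg ulogd[4120]: action="drop" fwrule="60001" srcip="198.51.100.25" dstport="3389"
2012:06:01-09:15:30 asg ulogd[4120]: action="drop" fwrule="60001" srcip="203.0.113.77" dstport="3389"
'''

# Constructed stand-in for the "GP ALLOWED" group (documentation address ranges).
ALLOWED = ["198.51.100.10", "198.51.100.24/29", "203.0.113.7"]

FIELD = re.compile(r'(\w+)="?([^"\s]+)"?')

def parse_line(line):
    """Return the key/value fields of one log line as a dict."""
    return dict(FIELD.findall(line))

def in_group(ip, group):
    """True if ip falls inside any host or network definition in group."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(g, strict=False) for g in group)

def audit_drops(log_text, group, port="3389"):
    """Count drops to `port` per (source, rule), split by group membership."""
    expected, unexpected = Counter(), Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f.get("action") != "drop" or f.get("dstport") != port or "srcip" not in f:
            continue
        key = (f["srcip"], f.get("fwrule"))
        # A listed source that is still dropped is the case worth investigating.
        (unexpected if in_group(key[0], group) else expected)[key] += 1
    return expected, unexpected

if __name__ == "__main__":
    expected, unexpected = audit_drops(SAMPLE_LOG, ALLOWED)
    for (ip, rule), n in unexpected.items():
        print(f"{ip}: {n} drop(s) by fwrule {rule} although the source is in the group")
    for (ip, rule), n in expected.items():
        print(f"{ip}: {n} drop(s) by fwrule {rule}, source not in the group")
```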