5 Oct
2005
5 Oct
'05
10:35
For outgoing requests try FW_MASQ_NETS="x.x.x.x/24,y.y.y.y/32,tcp,3389" where you have to replace x.x.x.x with your private ip block and y.y.y.y with the ip of the external rdp server. for incoming requests try FW_FORWARD_MASQ="0.0.0.0/0,x.x.x.x,tcp,3389" where x.x.x.x is to replace with the ip of your internal rdp server. CAUTION: This opens up a big security hole!!! It's a good idea to restrict the incoming ip range to dedicated addresses. Another good idea is to put the rdp server into a DMZ. To access the internal server i would suggest to use a ssh tunnel or a vpn via ipsec instead of "FW_FORWARD_MASQ" Check /var/log/firewall if it still fails. the polarizer http://www.codixx.de/polarizer.html