X.x address range. NAT manages the connectivity between the public Internet and your private network, and either UPnP or manual port forwarding ensures that.
First post on reddit, hope this goes well. So, I have a computer running a virtual machine. The virtual machine's IP address is 192.168.20.21 on our local area network. The main router's IP address is 192.168.20.1. I have port forwarded 3389 to the IP address of the virtual machine for both TCP and UDP traffic.
If I try to remote desktop (RDP) into the VM using its local IP address, no problem. If I try to do it using the router's IP address, it doesn't work. I have checked the VM itself, as well as the computer hosting the VM, and port 3389 is open.
I have even tried port scanning using some of the internet's free tools, and it shows that my port is open. I'm going crazy trying to imagine what else could be stopping RDP from connecting to the VM.

The proper solution, that doesn't skirt any licensing terms, and is secure in a way that satisfies compliance regulations, is to have your folks on the road establish IPSEC VPN tunnels into your network. Then, over the VPN, they RDP straight into a Windows Terminal Server.
No forwarding of RDP is required, no connections are available to the Internet at large. Nothing is open on the router, there is minimal WAN attack surface because people have to be on a VPN to connect to anything inside the network. They establish a VPN, and everything (including RDP) traverses that encrypted tunnel.
That's the right way to do it, and it's an industry-standard setup. No brute force detection on the WAN-facing side, no crazy software - just everyday, standard IPSEC VPNs. Edit: You can do this with a Cisco ASA, a pfSense box, any MikroTik router.
Just depends on how many concurrent VPN tunnels you'll have and how much data you're pushing.

I'm not familiar with that exact unit, but some routers have trouble hairpinning a connection to their outside IP from inside the network back into that same network.
You can normally play with policy NAT settings to get this working, though I don't know if that router is capable. To get around this (if your firewall won't play nice) you can normally fudge it with host entries/DNS, especially if you have a public domain/dynamic DNS domain. For example, I have some cameras and devices at home I like to access both internally and externally and it's easiest if I can just connect to the same name everywhere. So my public DNS points 'device.domain.com' to my external IP, and internally my DNS points 'device.domain.com' to the device's internal IP.
Or just keep two RDP profile files, one for internal access, one for external.
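
An added example, not part of the thread: a small Python model of why a port forward reached from inside the LAN can fail, and why hairpin NAT or split DNS gets around it. The client address, the WAN address (a documentation-range placeholder), and the three router mode names are assumptions made for illustration; the thread does not say which behaviour the router in question has.

```python
from dataclasses import dataclass

# The VM and router addresses come from the thread; the client address and
# the WAN address (RFC 5737 documentation range) are constructed assumptions.
CLIENT, VM, ROUTER_LAN, WAN_IP, PORT = (
    "192.168.20.50", "192.168.20.21", "192.168.20.1", "203.0.113.10", 3389)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def router_forward(pkt, mode):
    """Apply the router's NAT to a LAN-side packet aimed at the WAN address."""
    if pkt.dst != WAN_IP or pkt.dport != PORT or mode == "wan_only":
        return None  # port-forward rule only matches on the WAN interface
    src = ROUTER_LAN if mode == "hairpin" else pkt.src  # hairpin adds SNAT
    return Packet(src=src, dst=VM, dport=pkt.dport)     # DNAT to the VM

def connect(dst, mode):
    """Return (ok, reason) for an inside client opening RDP to dst."""
    syn = Packet(CLIENT, dst, PORT)
    if dst == VM:
        return True, "direct LAN connection, no NAT involved"
    fwd = router_forward(syn, mode)
    if fwd is None:
        return False, "router did not translate the LAN-side packet"
    if fwd.src == CLIENT:
        # Same subnet: the VM's reply is switched straight to the client,
        # bypassing the router, so it arrives from the VM's own address.
        reply_src = VM
    else:
        reply_src = WAN_IP  # reply returns via the router, which undoes both NATs
    if reply_src != syn.dst:
        return False, f"client expected reply from {syn.dst}, got {reply_src}"
    return True, "reply matches the connection the client opened"

def resolve(name, view):
    """Split-horizon DNS: same name, different answer per side (constructed)."""
    zones = {"internal": {"device.domain.com": VM},
             "public": {"device.domain.com": WAN_IP}}
    return zones[view][name]

if __name__ == "__main__":
    for mode in ("wan_only", "dnat_only", "hairpin"):
        print(mode, connect(WAN_IP, mode))
    print("split DNS", connect(resolve("device.domain.com", "internal"), "wan_only"))
```

The `dnat_only` case is the one that confuses most troubleshooting: the forwarded packet does reach the VM, but the reply comes back from an address the client never connected to and is discarded.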