
RDP 3389 through 837 with public address routing

Hi,

I am having issues passing RDP or port 3389 traffic through the 837 router.

I have the following setup

ISP---837---Switch---Multiple firewalls

The 837 is assigned a static public ip address on dialer 1 by the ISP.

There is a static IP address assigned to ethernet0.

The IP address on ethernet0 is part of a block of 32 public IP addresses.

I'd like the router to pass all traffic and not block any ports.

I have several firewalls on the inside of the router with public ip addresses with ports forwarded to private LAN servers.

E.g FW1 port forward http and ft

FW2 port forwards smtp and pop3

etc

I have two firewalls forwarding RDP port 3389.

When I am on the inside of the router I can get through the firewalls and use RDP. So this is not a firewall issue.

I believe it's a router issue (maybe access lists).

I have also tested with an XP PC and assigned a public IP address. From inside the router all is OK, but if I am on a remote network outside the router I cannot RDP to any hosts.

Again, all other ports we use are working (http, pop3, smtp, ftp, etc.)

This is a copy of the Router config. Your assistance is appreciated.

Building configuration...

Current configuration : 2338 bytes

!

version 12.2

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

no service password-encryption

service sequence-numbers

!

hostname xxxxx

!

memory-size iomem 15

logging queue-limit 100

logging buffered 51200 debugging

logging console critical

enable secret xxx

!

clock timezone PCTimeZone 10

ip subnet-zero

no ip source-route

ip tcp synwait-time 10

ip domain name 111.net.au

ip name-server xxxxxxxxxxx

ip name-server xxxxxxxxxxx

!

!

no ip bootp server

ip cef

ip audit notify log

ip audit po max-events 100

ip ssh time-out 60

ip ssh authentication-retries 2

no ftp-server write-enable

!

!

!

!

!

!

!

interface Ethernet0

description $FW_INSIDE$$ETH-LAN$

ip address x.x.x.33 255.255.255.224

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

ip tcp adjust-mss 1452

no cdp enable

hold-queue 100 out

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

pvc 8/35

pppoe-client dial-pool-number 1

!

!

interface Dialer0

description $FW_INSIDE$

ip address dhcp client-id Ethernet0

encapsulation ppp

ip route-cache flow

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname xxxxxxxxxxxxxxxxx

ppp chap password 0 xxxxxxxxxxxxxxxxxxxxxx

!

interface Dialer1

no ip address

encapsulation ppp

no cdp enable

ppp chap hostname xxxxxxxxxxxxxxxxxxxxxxx

ppp chap password 0 xxxxxxxxxxxxxxxxxxxxxxxxxxx

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0 permanent

ip route x.x.x.32 255.255.255.224 Ethernet0 permanent

ip http server

ip http authentication local

ip http secure-server

!

logging trap debugging

dialer-list 1 protocol ip permit

no cdp run

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login local

no modem enable

transport output telnet

stopbits 1

line aux 0

login local

transport output telnet

stopbits 1

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

scheduler interval 500

!

end

2 Replies

jcorrale
Level 1

Hi,

The problem could be related to the MTU size since you're using 1452 for the LAN and 1500 (default) for the WAN (Dialer). Please put the following configuration:

interface Ethernet0

ip tcp adjust-mss 1360

!

interface Dialer0

ip mtu 1492

!

Hope it helps!

Regards,

Juan
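Added example (not part of the thread or of any participant's post): a small Python check that reads an IOS-style configuration, lists any interface with an `ip access-group` applied (the question's access-list suspicion), and tests whether the `ip tcp adjust-mss` clamp fits the PPPoE path MTU (the point raised in the reply above). The function names and the embedded excerpt are constructed for illustration; it assumes 8 bytes of PPPoE overhead, 40 bytes of IPv4 plus TCP headers, and a default IP MTU of 1500 when `ip mtu` is absent.

```python
import re

# Constructed excerpt of the configuration posted in the question.
POSTED = """
interface Ethernet0
 ip tcp adjust-mss 1452
!
interface ATM0.1 point-to-point
 pvc 8/35
 pppoe-client dial-pool-number 1
!
interface Dialer0
 dialer pool 1
!
"""
PPPOE_OVERHEAD = 8   # 6-byte PPPoE header + 2-byte PPP protocol field
IP_TCP_HEADERS = 40  # 20-byte IPv4 header + 20-byte TCP header, no options

def parse_interfaces(config):
    """Map interface name -> sub-commands; '!' ends a block, blank lines are skipped."""
    interfaces, current = {}, None
    for line in (raw.strip() for raw in config.splitlines()):
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split()[1], [])
        elif line == "!":
            current = None
        elif line and current is not None:
            current.append(line)
    return interfaces

def setting(cmds, pattern):
    """Integer captured by the first command matching pattern, else None."""
    hits = [m for m in (re.fullmatch(pattern, c) for c in cmds) if m]
    return int(hits[0].group(1)) if hits else None

def audit(config, wan="Dialer0", lan="Ethernet0"):
    """Report applied ACLs and whether the LAN MSS clamp fits the WAN path MTU."""
    ifs = parse_interfaces(config)
    pppoe = any(c.startswith("pppoe-client") for cmds in ifs.values() for c in cmds)
    wan_mtu = setting(ifs.get(wan, []), r"ip mtu (\d+)") or 1500  # assumed default
    path_mtu = min(wan_mtu, 1500 - PPPOE_OVERHEAD) if pppoe else wan_mtu
    mss = setting(ifs.get(lan, []), r"ip tcp adjust-mss (\d+)")
    acls = sorted(n for n, c in ifs.items() if any(x.startswith("ip access-group ") for x in c))
    return {
        "acl_interfaces": acls,
        "path_mtu": path_mtu,
        "max_mss": path_mtu - IP_TCP_HEADERS,
        "configured_mss": mss,
        "mss_fits": mss is not None and mss <= path_mtu - IP_TCP_HEADERS,
    }
```

An empty `acl_interfaces` list means no ACL on this router filters 3389, so all port filtering for the public block rests on the firewalls behind it.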

zhenya.iosifov
Level 1

Try this:

interface Ethernet0

ip unreachables

no ip route-cache (for IPSec process switching)

interface ATM0

ip unreachables

no ip route-cache

--

Zhenya.Iosiphov

Cisco Engineer
