I have a site-to-site VPN (Site A - 10.0.0.x, Site B - 192.168.0.x) active and also have a requirement to port forward TCP 3389 to a Terminal Services server from the outside.
I have the NAT statement:
ip nat inside source static tcp 10.0.0.78 3389 interface dialer 0 3389
on Site A and can now get in via the public (dialer 0) IP address straight to the server (10.0.0.78). I can also RDP to 10.0.0.78 from inside Site A, but cannot RDP from Site B to 10.0.0.78.
I can ping 10.0.0.78 from Site B and there is no firewall currently on the machine, but it does not work.
As soon as I remove the static NAT statement, I can RDP straight in from Site B (through the tunnel) to 10.0.0.78.
Is there a way to set this up so both Remote (internet) clients can RDP to the server AND tunnel clients?
*Note: tunnel clients can get on OK via the public IP if static NAT is present.
Thanks in advance.
ip nat inside source static tcp 18.104.22.168 80 22.214.171.124 80 route-map SSS
route-map SSS permit 10
match ip address SSS
ip access-list ext SSS
deny ip any remote-net
permit ip any any
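
The route-map approach from the reply, written out for the addressing in the question; this is an added example, not configuration posted by anyone in the thread. It assumes /24 masks on both sites, a crypto ACL that matches 10.0.0.0/24 to 192.168.0.0/24, and a fixed public address on Site A (203.0.113.10 is a documentation-range placeholder); the ACL and route-map name RDP-NAT is made up for the example.

```cisco
! Constructed example. 203.0.113.10 is a PLACEHOLDER for Site A's public
! address; RDP-NAT is a hypothetical name.
!
! Before (from the question): unconditional static PAT.
! On the inside-to-outside path IOS applies NAT before the crypto map check,
! so replies from 10.0.0.78:3389 to Site B are rewritten to the public
! address, stop matching the crypto ACL, and never enter the tunnel.
! Ping still works because the static entry only covers TCP 3389.
!
!   ip nat inside source static tcp 10.0.0.78 3389 interface dialer 0 3389
!
! After: translate the server's traffic only when the peer is NOT Site B.
ip access-list extended RDP-NAT
 ! Traffic to the remote LAN stays untranslated so the crypto ACL matches it
 deny   ip host 10.0.0.78 192.168.0.0 0.0.0.255
 ! Everything else (Internet RDP clients) uses the static translation
 permit ip host 10.0.0.78 any
!
route-map RDP-NAT permit 10
 match ip address RDP-NAT
!
no ip nat inside source static tcp 10.0.0.78 3389 interface dialer 0 3389
ip nat inside source static tcp 10.0.0.78 3389 203.0.113.10 3389 route-map RDP-NAT
!
! Checks after an RDP attempt from Site B:
!   show ip nat translations   (no entry toward 192.168.0.x for port 3389)
!   show crypto ipsec sa       (encaps/decaps counters increase)
```

Publishing TCP 3389 to the whole Internet is the exposure that remains after this change; an inbound ACL on dialer 0 limited to known client addresses narrows it.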