Hi,

I appreciate your inut very much.

I ssh to the firewall and when I ran the comand config, it asked me if it's console or network so I chose console (see attached screen shot

I enabled https remote management.

I wanted to add another RDP to one of the machines in the office but nstead of cloning the (10.222.0.2) entry, I deleted it (by accident )

Now, I have recreayed that NAT plus another one to the workstation but now I can't get to either one of them. The SDM said that it saved the config successfully.

Do I need to reboot it?

I figured it out...

My question now is how do I add nother NAT to the workstation 10.222.0.103

This is what i just added to the server's RDP conenction in NAT: ip nat inside source static tcp 10.222.0.2 3389 interface FastEthernet4 3389

If I do the same for the workstation ip nat inside source static tcp 10.222.0.103 3389 interface FastEthernet4 3389 how would the firewall know where to rout me to?

Thanks

The only way to accomplish another NAT to 3389 on your other machine is to use a different port or a different IP.

You could do:

ip nat inside source static tcp 10.222.0.103 3389 interface FastEthernet4 3390

That would direct any requests to port 3390 on Fe4 to port 3389 on  your host. The problem with this is I dont think you can set the Windows RDP client to point at a different port number.

EDIT:

I did a quick google, you can change the port in your RDP client, just do it like this: :

If you do that, my example above will work.

Message was edited by: rtjensen4

Thanks all for the info.

This is Microsoft KB on how to change the client's RDP port in the registry: http://support.microsoft.com/kb/306759

Since there is only 1 static IP on the public interface, both the client and host workstations will have to have the RDP port that they listen to changed to be the same.
Otherwise, this will not work.

If you do the NAT statement like this:

ip nat inside source static tcp 10.222.0.103 3389 interface FastEthernet4 3390

When the router sees a request to port 3390 on the outside interface, it will redirect it to port 3389 on 10.222.0.103.  The host will see just a regular connection to port 3389. The router does the translation for you. Trust me, give it a try. it will work. You don't need to change the port that the service listens on on the PC.

I just added the entry in the firewall. When I hit the public IP from my Laptop, it will take me directly to the server. If I give the public IP to the client, it will take him directly to the server as well.

I really think that I have to change the ports that the workstation is listening to.

Hi,

I decided to use VPN instead.

How do I delete the NAT RDP that I created?

Thanks