Community discussions

MikroTik App
  4. RouterOS
  5. General

RDP

Post Reply
 
cgoldsmith
just joined
Topic Author
Posts: 5
Joined: Sat Aug 28, 2010 3:53 pm

RDP

Sat Aug 28, 2010 3:56 pm

I have a routed point to point link. Segment B will allow RDP connections to Segment A. Segment A however will not allow RDP to segment B. This is purely routed and no NAT. We can see the traffic trying to pass to segment B, oddly enough though the TX value shows as 0. We know that the PC's are working properly. Any idea's? The OS version is 4.11.
Top
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: RDP

Mon Aug 30, 2010 4:53 pm

Firewall filters?

Hard to guess without seeing your configuration. Routes, IP addressing and the firewalls (mangle, NAT and filter at least).
Top
 
cgoldsmith
just joined
Topic Author
Posts: 5
Joined: Sat Aug 28, 2010 3:53 pm

Re: RDP

Mon Aug 30, 2010 7:40 pm

Segment A has a Windows 2008 server where RDP works coming from segment B. The configuration is as follows.

Segment A

Eth0=192.168.200.2 Wireless=192.168.212.1
routes--0.0.0.0 192.168.200.1
192.168.211.0 192.168.212.2

Segment B

Eth0=192.168.211.1 Wireless=192.168.212.2
route=0.0.0.0 192.168.212.1


Mangle, NAT nor any other filter is used. As you can see it is fairly simple. RDP will work locally on segment B and will work from segment B to A but not A to B.
Top
 
makkan
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Mon Jul 26, 2010 12:38 am

Re: RDP

Mon Aug 30, 2010 10:13 pm

You should do this in your firewall:

RDP is using port 3389

<anything else that you want to permit, ICMP for example>
Segment B ---RDP--> Segment A - Permit
Segment A ---RDP--> Segment B - Permit established
ANY ------> ANY Deny

Established means that it will permit traffic where SRC is sending response traffic.
Top
 
cgoldsmith
just joined
Topic Author
Posts: 5
Joined: Sat Aug 28, 2010 3:53 pm

Re: RDP

Tue Aug 31, 2010 2:35 am

Ok, but again keep in mind that no firewall rules or filters are set up at all. It is simple routing. Are you saying I should make a rule to specifically allow this even though no filters exist? Thanks again.
Top
 
perezcurda
just joined
Posts: 23
Joined: Wed Dec 24, 2008 10:10 pm

Re: RDP

Tue Aug 31, 2010 5:43 am

The route look fine and you do not need firewall rules because you specified that is routing. it's look like problem with the windows firewall or something like that. try Ping the PC's. and verify that the RDP is enable in the PC's.

Another issue I see that your static route say 192.168.211.0 gateway=x.x.x I hope that you put the mask /24. :D
Top
 
cgoldsmith
just joined
Topic Author
Posts: 5
Joined: Sat Aug 28, 2010 3:53 pm

Re: RDP

Sun Sep 05, 2010 4:55 pm

I confirmed that the windows firewall is allowing RDP from remote segments. This issue is thoroughly confusing. I can RDP to other PC's on different segments, just not to this segment.
Top
 
User avatar
Letni
Member
Member
Posts: 376
Joined: Tue Dec 05, 2006 5:16 am
Location: South Carolina

Re: RDP

Mon Sep 06, 2010 10:58 pm

This may be off the wall but how is your wireless link setup? Are you using WDS, MPLS, Pseudobridge?

-Louis
Top
 
makkan
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Mon Jul 26, 2010 12:38 am

Re: RDP

Wed Sep 15, 2010 1:02 am

Question is still relevant: can you ping hosts on the other segment?
Top
 
dssmiktik
Forum Veteran
Forum Veteran
Posts: 732
Joined: Fri Aug 17, 2007 8:42 am

Re: RDP

Wed Sep 15, 2010 9:16 am

Try to add those filter rules (just the permit ones) and check for traffic hits. It will tell you at least what the router is seeing and help troubleshoot it from a packet perspective.
Top
Post Reply

Who is online

Users browsing this forum: ansh, besskyy, Bing [Bot], GoogleOther [Bot], mada3k, roe1974, Zakazulu and 42 guests
  4. RouterOS
  5. General