Inconsistent RDP port forwarding
Recently, our Port forwarding for RDP seemed to stop working. Checking the firewall (Cisco ASA551), I can see the the NAT and access rules are configured correctly. In trying to connect from WIN7 to either a WIN7 or WINXP host, the firewall logs show the packet being passed, but no response is ever received on the client end.
In trying to diagnose the problem, I discovered that everything works perfectly fine from PocketCloud (a 3rd party Android RDP client).
I have verified the Server Authentication issues on the client RDP are set to "warn me". Internally, everything works as expected.
Have you done a packet capture at both endpoints? Just trying to make sure your NAT is doing what you think. Also, it rules out an RDP-specific issue, versus an actual connectivity issue. Is anything else not working?
I had an issue where a FIPS group policy setting got turned on in a windows client during AnyConnect installation. It caused the client to reject RDP servers that were not FIPS compliant. So connecting to XP machines wouldn't work. Not your particular issue (to Win7 as well), just trying to stress that you need to look at the packet captures to see exactly what is really going on between the endpoints.