I have Windows 2008 server. It works as a mail, ftp, web server. In my LAN there is other server and i want to reach this server with RDC from outside my lan, (example: domail.com:5555 -> 192.168.0.2:3389). Is there any solution to forward this port using Windows Firewall?
This rule shall forward any incoming connection to port 5555 from outside to your specific LAN IP/port. Here external is the name of the external network interface.
Don't forget to have proper firewall rules that will allow traffic related to port 5555 to pass in both directions on the external NIC. You need to allow incoming traffic to port 5555 and outgoing traffic related to these connections.
I've never used the built-in Windows firewall, but I strongly suggest you to have a look at wipfw. It is smart enough to implement connection tracking.
If you want to use port forwarding as your scenario; you should "add role: RRAS" and manage NAT rules under RRAS in Administrative Tools.
Actually, isvery simple in 2K3 but 2k8? I'm shocked and disappointed
If your Windows server is behind a NAT device then I would recommend creating a port forwarding rule on your NAT that can accept an inbound connection on TCP/5555 and then forward to TCP/3389. This way you aren't modifying the server.
Also, if you have more than one server you would like to connect via RDP then I would recommend you check out Windows 2008 Terminal Services Gateway.
By default, a Terminal Server uses port 3389 for RDP traffic. By default, every single competent hacker in the world knows that a Terminal Server uses port 3389 for RDP traffic. That being the case, one of the quickest changes you can make to your terminal server environment to detour potential intruders is to change this default port assignment.
In order to change the default RDP port for a Terminal Server, open regedit and browse to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp. Locate the PortNumber key and replace the hex value 00000D3D (which is equivalent to 3389) to the appropriate hex value for the port you wish to use.
Alternatively, you can change the port number used by your Terminal Server on a per connection basis. While still using regedit, browse to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\connection name. Again, locate the PortNumber key and replace the hex value in place with the value you wish to use.
Keep in mind that when changing this setting on your server, all connecting clients will need to be sure they are connecting to the Terminal Server with the new port extension tagged on to the servers IP address. For example, connecting to a Terminal Server with an internal IP address of 192.168.0.1 which is now using the non-standard port 8888 would require a user to enter 192.168.0.1:8888 into the Remote Desktop Connection client.
Please note that you would need to open the firewall to allow incoming connection on the new port. Also, don't forget to take some precautions before editing the registry, such as creating a system restore point.
First of all,
W2K3's firewall can do that. But W2K8's firewall or advanced firewall cannot do this.
Aditional info: "netsh routing..." command doesn't works on W2K8 in any combination (sdvfirewall, firewall etc.).
Just a suggestion but why not add a Remote Desktop Gateway. It's a built in role with W2K8+ that runs over SSL/443 which makes it pretty easy to route over any firewall. In addition you can then setup rules and use a Network Policy Server and rules to really control at a granular level who can access your server. Since you are already running a Web Server this may be the most secure solution. It will also allow you to RDP into any server behind the firewall without having to make any modifications to the firewall.
Works great at my multiple sites and it is VERY secure.
Is your Server 2008 R2 box acting as the 'head of your network', or simply put, your router?
If not, then you need to make these changes to your router/firewall at the front of your network. Setup the port forward exactly as you described above, forwarding the inbound port of 5555 to (serverip):3389
By default, if you do not set the destination port to 3389, it will not work without a registry change to the server you're connecting to.
I believe this is the command you are looking for:
I have Windows 2008 server. It works as a mail, ftp, web server. In my LAN there is other server and i want to reach this server with RDC from outside my lan, (example: domail.com:5555 -> 192.168.0.2:3389). Is there any solution to forward this port
I have a host machine (win server 2008 R2) with several Hyper-V virtual machines. I want to be able to redirect certain ports of host to virtual machines. There is virtual network connection between host and virtual machines (192.168.10.xxx). Host is
Trying to troubleshoot an intermittent problem on a Windows Server 2008 NLB. I think it might be related to an NLB issue. We are using Windows Network Load Balancing to balance load for our multiserver SharePoint front ends. Say... Web Front End 1 IP
I am search to find a program, or a way to block ips that make port scan on the server. The goal is to hide some ports like remote desktop on a different port. So some are search the port with port scanning to locate this port and start the attacks.
I'm trying to "tune" the TCP/IP stack on some Windows Server 2008 machines by following the instructions here: http://www.outsystems.com/NetworkForums/ViewTopic.aspx?TopicId=6956&Topic=How-to-tune-the-TCP%2FIP-stack-for-high-volume-of-web-re
How to "easily" forward incoming port 80to outgoing to port: 8080 for Windows Server 2003? The idea is that all traffice/incoming and outgoing from/to port 80 will be redirected to 8080. --------------Solutions------------- install an ssh server
I'm trying to open Port 1433 on windows firewall but not having much luck. I've added a new Inbound Rule (attempting to open TCP 1433) which looks okay and appears to be on but when I run netstat -an the server doesn't appear to be listening on Port
I just setup a Windows 2008 R2 server and am trying to get a basic mail server up and running so that I can send emails from my applications. I setup a virtual SMTP server in IIS6 and tried doing a local telnet to port 25, which seemed to work fine.
I have an installation of Windows Server 2008 running IIS 6 with a website listening on port 8080, even though I have moved the website to listen on 8080, port 80 is still kept in use by IIS (for truth by the kernel process : System - ProcId : 4). I
I'm running a Virtual Machine server on Hyper-V that stalls about once a week, effectively rendering certain services it is running to be useless. -The physical host machine CPU: 6-core Xeon E5-2620 2.10GHz RAM: 16GB OS: Windows Server 2008 R2 Servic
I'd like to set up some port forwarding in our router, using UPnP. More specifically, I want to run some program on startup that always forwards port 8443 my IP address (192.168.1.100). Port 8443 is for our SVN server. How do I do this with Windows S
In MSDN to make SQL Server accessible from Internet http://msdn.microsoft.com/en-us/library/ms175483.aspx They say to forward port from sql server remote port to usual sql server port 1443. I have at a hosting company 2 dedicated windows server 2008
I bought a Windows Server 2008 and installed GlassFish, Java, PostgreSQL etc. Now my website is running on localhost:8080 in the GlassFish server. How can I set up a port forwarding such that when a request comes to this server via the usual http por
How can I create a domain mysql1.domain.com in Windows Server 2008 R2 and set the server to connect the local MySQL server on port 3306 when someone uses that domain in his application? How about then if I want that only the users in the same network
I am trying to set up Serv-U on Windows Server 2008 R2, but am unable to get the ports working in the Windows Firewall. I also don't have a domain pointing at this server at the moment, as we are just using it as a test server at the moment, this won
After two full days of "research" (read: banging my head against my keyboard) and cursing at TeamCity/MSDN/Tomcat documentation as well as phantom IIS bindings, I've come up with an answer to a very perplexing issue: How can I change TeamCity's
I have a Windows Server 2008 box running as a Domain Controller. I have noticed in my Cisco ASA firewall logs that this box is continuously sending out (like a thousand requests a second) requests on TCP port 445 to external hosts. I have made an eff
I'm having an issue with my Windows Server 2008. I can successfuly connect to it with FTP(port 21), remote desktop(whatever the port number is), https but not with simple http or port 80, from the outside of my LAN. Is there some settings I don't kno
I have a Windows Server 2008 R2 that I use to host various ASP.NET applications under IIS7. I would also like to run various PHP based web apps using Apache (or Apache 2). The server has three static IP addresses assigned to it and I would like to bi
I have an application which supposed to be launch from a client machine, but every time I launch it, it shows me an error saying "Failed to talk to database". By the way it is a .Net application and database is SQLExpress2008R2. The app itself i