Skip to main content
ben
ben
New Member
June 13, 2024
Question

Probably a dumb question, use Fortigate Client and Fortigate to RDP back out to WAN Windows Server

  • June 13, 2024
  • 3 replies
  • 1117 views

I am not permitted to access my data center from outside the country, but I can use my Fortigate with Forticlient IPSEC to access a machine inside my LAN and then RDP to servers in the data center. Is it possible to configure the Fortigate itself to do Windows Remote Desktop Connections using the LAN IPs? That would eliminate the need to rely on any LAN machines being up.

Thanks,

Ben

3 replies

sw2090
SuperUser
sw2090
SuperUser
June 13, 2024

I Think you cannot do that directly. However you could do VIP to access it via WAN Interface. BUt that's highly insecure and not recommended here. As you said you can do VPN to your FortiGate. In that case all you need is split tunneling (otherweise ALL your traffic will go over the VPN) and some policy that allows rdp from vpn to the server(s).

adimailig
Staff & Editor
adimailig
Staff & Editor
June 13, 2024

@ben 

Good day.

Since you are connected to IPSEC dialup remote VPN, you can directly RDP to your Server from external computer. All you need to do is make sure that you have firewall policy and correct routing on Fortigate and on your Server.

Network / Flow:
VPN Client >> IPSEC remote VPN >> Fortigate >> LAN >> Server

Firewall Policy:

Source Interface :  IPSEC remote VPN
Destination Interface : LAN
Source IP : Remote VPN subnet
Destination : Server IP
Service : ALL (or specific RDP)
NAT : ** depending on your routing. If the server only knows about the LAN network, you need to enable it. If it have routing towards your VPN subnet, it can be disable



ben
benAuthor
New Member
June 16, 2024

Thanks guys, I will experiment with this.

Terms & ConditionsAccessibility statement