SonnyB
New Contributor II

How Can I Add Several External IPs To RDP Into The Same Computer Using The Same Port?

Hi Everyone,

 

We have several locations that need to RDP into our office to access the same PC via the same RDP port. 

 

Our current setup is:

 

VIP

Name: VIP RDP PC1

External IP: Our building's external/public IP.

Map to: PC1's LAN IP.

Port Forward to: 3390 TCP

 

I created a Firewall Policy:

Name: RDP To PC1

Incoming: WAN

Outgoing: VLAN5

Source: All

Destination: VIP RDP PC1

Service: All

NAT: Disabled

Action: Accept

 

For some reason, I can RDP in from home. When a coworker tries to RDP in from their home, they can't.

 

Before, we could RDP in when we were using a different firewall, a Netgate 6100, so I know it's not our home setup. We just installed this FortiGate 90G, which is very nice.

 

Any assistance is greatly appreciated.

 

Thank you very much,

Sonny

8 Replies
GauravPandya
New Contributor III

When the coworker tries to RDP, does it prompt for credentials or time out?

I would suggest capturing packets with diag sniffer and also with debug flow.

SonnyB
New Contributor II

Thank you very much. 

 

When Coworker tries to RDP in, it times out saying Remote Desktop can't connect to the remote computer for one of these reasons. 

 

Sorry, how do I run the diag sniffer?

 

Thank you very much,

Sonny

GauravPandya
New Contributor III

Open 2 SSH sessions and run diag sniffer in one session and debug flow in the other.

 

Diag sniffer
# diagnose sniffer packet any "host <Public IP of Coworker>"

 

Debug flow
# diagnose debug disable
# diagnose debug flow filter addr <Source_IP_publicIP_of_Coworker>
# diagnose debug flow show function-name enable
# diagnose debug console timestamp enable
# diagnose debug flow trace start 1000
# diagnose debug enable

 

GauravPandya

Missed level 4 on diag sniffer

Diag sniffer
diagnose sniffer packet any "host <Public IP of Coworker>" 4

SonnyB
New Contributor II

Thank you very much. 

Sorry, I'm sure I'm entering the command wrong.

Screen Shot 2025-03-25 at 10.52.41 AM.png

 

Thank you very much for your assistance on this.

Sonny

SonnyB
New Contributor II

Sorry, I found the problem when Domingo from Support noticed what my list of VIPs had in addition to our office's external IPs: my mistake was that I added our other office's external IPs to this VIP list. When I deleted all of them so that the VIP list only had our office's external IP, everyone could RDP in.

So now, I'm just adding our whitelist of IPs to configure this list of IPs as being the only ones that can RDP in.

 

Thank you very much for your assistance. It's greatly appreciated.

 

Sonny
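
The allowlist described in the post above, written out as FortiOS CLI. This is an added example, not configuration from the original thread or from Fortinet: the policy source becomes an address group instead of "All", and the service is narrowed to the forwarded port instead of "All". Every IP address is a documentation-range placeholder, the names RDP-Allow-Site1, RDP-Allow-Site2, RDP-Allowlist and RDP-3390 and the interface wan1 are assumptions, and 3390 is assumed to be both the external and the mapped port.

```fortios
# Lines starting with "#" are annotations for the reader.
# VIP: only the office's own public IP is the external address.
config firewall vip
    edit "VIP RDP PC1"
        set extintf "wan1"
        set extip 203.0.113.10
        set mappedip "10.0.5.20"
        set portforward enable
        set protocol tcp
        set extport 3390
        set mappedport 3390
    next
end
# One address object per remote site that may connect.
config firewall address
    edit "RDP-Allow-Site1"
        set subnet 198.51.100.25 255.255.255.255
    next
    edit "RDP-Allow-Site2"
        set subnet 192.0.2.77 255.255.255.255
    next
end
config firewall addrgrp
    edit "RDP-Allowlist"
        set member "RDP-Allow-Site1" "RDP-Allow-Site2"
    next
end
# Custom service so the policy matches only the forwarded port.
config firewall service custom
    edit "RDP-3390"
        set tcp-portrange 3390
    next
end
# Policy: the remote sites go in srcaddr, the VIP stays in dstaddr.
config firewall policy
    edit 0
        set name "RDP To PC1"
        set srcintf "wan1"
        set dstintf "VLAN5"
        set srcaddr "RDP-Allowlist"
        set dstaddr "VIP RDP PC1"
        set service "RDP-3390"
        set schedule "always"
        set action accept
        set logtraffic all
    next
end
```

With `logtraffic all`, a site missing from the group shows up in the forward traffic log as a connection that fell through to the implicit deny, which identifies an incomplete allowlist without a packet capture.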

GauravPandya
New Contributor III

Glad to hear that it is resolved. You could have resolved it earlier by checking the output of diag sniffer.

SonnyB
New Contributor II

Thank you very much. Will look into how to use the sniffer. Thank you very much for all your help. Cheers.
