Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ben
New Contributor

Probably a dumb question, use Fortigate Client and Fortigate to RDP back out to WAN Windows Server

I am not permitted to access my data center from outside the country, but I can use my Fortigate with Forticlient IPSEC to access a machine inside my LAN and then RDP to servers in the data center. Is it possible to configure the Fortigate itself to do Windows Remote Desktop Connections using the LAN IPs? That would eliminate the need to rely on any LAN machines being up.

Thanks,

Ben

Ben
Ben
3 REPLIES 3
sw2090
SuperUser
SuperUser

I Think you cannot do that directly. However you could do VIP to access it via WAN Interface. BUt that's highly insecure and not recommended here. As you said you can do VPN to your FortiGate. In that case all you need is split tunneling (otherweise ALL your traffic will go over the VPN) and some policy that allows rdp from vpn to the server(s).

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
adimailig
Staff
Staff

@ben 

Good day.

Since you are connected to IPSEC dialup remote VPN, you can directly RDP to your Server from external computer. All you need to do is make sure that you have firewall policy and correct routing on Fortigate and on your Server.

Network / Flow:
VPN Client >> IPSEC remote VPN >> Fortigate >> LAN >> Server

Firewall Policy:

Source Interface :  IPSEC remote VPN
Destination Interface : LAN
Source IP : Remote VPN subnet
Destination : Server IP
Service : ALL (or specific RDP)
NAT : ** depending on your routing. If the server only knows about the LAN network, you need to enable it. If it have routing towards your VPN subnet, it can be disable



Best Regards,

Arnold Dimailig
TAC Engineer
ben
New Contributor

Thanks guys, I will experiment with this.

Ben
Ben
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors