Hello, I use a FortiGate 80F and I have a problem connecting via RDP from one subnet to a second subnet.
1st subnet is on internal 1 port and is 192.168.1.0/24
2nd subnet is on internal 5 port and is 192.168.10.0/24
I made policies:
1st: Allow all from 1st subnet to 2nd
2nd: Allow all from 2nd subnet to 1st
I see all computers on netscan and can ping but can't connect via RDP.
SMB also works fine. System firewall is disabled on both computers I test.
I'd run a packet capture on the FGT and see if the PC is providing any response. I seem to remember that PCs by default do not allow RDP from outside of their subnet but I can't remember if that is relevant if your local firewall is turned off. In any case it doesn't seem likely that your issue is with the FortiGate as I'm sure you can verify by checking forward traffic logs as well as packet captures.
Run netstat on the machine you're trying to connect to, confirm that TCP 3389 is listening. Once that's confirmed, you can run diag sniffer packet any 'port 3389' 4 at your FGT's CLI to capture packets as suggested by lobstercreed. That should help you to confirm what's happening to your RDP traffic.
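One way to read the capture suggested in the replies above, added here as an example and not part of the original posts: this script classifies each RDP flow by how far the TCP handshake got. The line layout (time, interface, direction, src.port -> dst.port: flags) is an assumption about verbosity-4 sniffer output, and the sample lines, addresses and verdict strings are constructed.

```python
import re

# Constructed sample capture (assumed verbosity-4 layout): the SYN enters on
# internal1, leaves on internal5, is retransmitted, and nothing comes back.
SAMPLE = """\
interfaces=[any]
1.000100 internal1 in 192.168.1.50.50211 -> 192.168.10.20.3389: syn 1000
1.000180 internal5 out 192.168.1.50.50211 -> 192.168.10.20.3389: syn 1000
4.001200 internal1 in 192.168.1.50.50211 -> 192.168.10.20.3389: syn 1000
4.001260 internal5 out 192.168.1.50.50211 -> 192.168.10.20.3389: syn 1000
"""

LINE = re.compile(
    r"^\s*[\d.]+\s+\S+\s+(in|out)\s+([\d.]+)\.(\d+)\s+->\s+([\d.]+)\.(\d+):\s+(.*)$")


def verdict(state):
    """Map what was seen for one flow to a short diagnosis."""
    if not state["syn_out"]:
        return "not forwarded by FortiGate"   # check policy match and routing
    if state["synack"]:
        return "server answered"              # TCP is fine, look at RDP itself
    if state["rst"]:
        return "server reset"                 # nothing listening, or host reject
    return "no reply from server"             # host filtering or return path


def triage(capture, port=3389):
    """Return {flow: verdict} for every client flow towards `port`."""
    flows = {}
    for raw in capture.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # banner lines, blanks, non-TCP output
        direction, src, sport, dst, dport, flags = m.groups()
        words = flags.split()
        if int(dport) == port:                # client -> server
            st = flows.setdefault((src, sport, dst), dict.fromkeys(
                ("syn_in", "syn_out", "synack", "rst"), False))
            if "syn" in words and "ack" not in words:
                st["syn_in" if direction == "in" else "syn_out"] = True
        elif int(sport) == port:              # server -> client
            st = flows.get((dst, dport, src))
            if st is not None:
                st["synack"] |= "syn" in words and "ack" in words
                st["rst"] |= "rst" in words
    return {f"{c}:{p} -> {s}:{port}": verdict(st)
            for (c, p, s), st in flows.items()}


if __name__ == "__main__":
    for flow, result in triage(SAMPLE).items():
        print(flow, "=>", result)
```

A "no reply from server" result with the SYN visible leaving the destination interface points away from the FortiGate and towards the target host, which matches the reasoning in the first reply.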
Copyright 2024 Fortinet, Inc. All Rights Reserved.