hello
i want to connect to my pc friom wan
so i need to open rdpport 3389
and i m not sure how to it
please help
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Before I reply, you should (and I hope already do) know that this is a very "not recommended" practice. MS RDP isn't the most secure protocol out there, and once the hacker has at your machine, everything else inside the network is susceptible.
Now, with that said, you need to create:
[ul]That's the nuts and bolts of it. Nothing too deep, but not something I would do if I cared about my data.
Now, if you know what IP address you are connecting from, you could lock down both the VIP and policy to that IP address, so no one but that IP would even know the port has been mapped. That to me is an acceptable practice.
My two cents.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Virtual IP (VIP) is the lower arrow (arrow 2, I assume)
Policy is under Policy, the top arrow (arrow 1, I assume). You choose the IP version, V4 or V6. (probably V4)
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
What is Externall IP address range ?( see attached file) .
and what i need to type on mapped ip address range ?
In my case - the server ip addess (that i need to connect via rdp) is 10.0.0.18 and i want to do it from everywhere in the world.
so what i need to type at "externall ip adderess" and "mapped ip address range ".
did you mean a internal ip of wan1 ? the ip i got from the isp ?
Having a destination of 'all' is not the same as a destination VIP. A VIP is a destination address translation. You need this to get RDP working (from the Internet with private addresses). Now, what you have posted should work if all the parts are set up correctly, but from the very short bit you posted, I cannot tell.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Just look at Virtual ip's
you can forward the port there (and outside ip address).
Just dont forget to create a firewall policy after you created the VIP, to allow the traffic
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1660 | |
1077 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.