Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
HTTP forwarding works - RDP doesn't. (help much appreciated)
« previous
next »
Print
Pages: [
1
]
Author
Topic: HTTP forwarding works - RDP doesn't. (help much appreciated) (Read 1322 times)
bvibes
Newbie
Posts: 8
Karma: 0
HTTP forwarding works - RDP doesn't. (help much appreciated)
«
on:
March 27, 2024, 01:15:46 am »
Hello guys,
struggling for 3 days by now, getting RDP-forwarding to work, http-forwarding works fine. Wouldn't bother you, but can't seem to get it working and every help would be much appreciated. Here is my setup:
- Hetzner Cloud dedicated server with Proxmox.
- 2 public IPs:
1) xxx.xxx.xxx.161 -> Proxmox (vmbr0)
2) xxx.xxx.xxx.150 -> virtualized OPNsense (vmbr0, vmbr1)
- vmrb1 -> LAN 192.168.1.0/24
- 2 additional VMs:
a) Test LXC with Apache2 (192.168.1.10)
b) Windows Server (192.168.1.11)
Forwarding on port 80 to the test LXC works just fine and I can reach apache, but RDP to the WinServer just won't. (yes RDP is enabled in WIN and for testing I disabled the WIN-FW)
NAT (RDP):
*************
Interface: WAN
Proto: TCP
Source: WAN address
S-Ports: *
Dest.: WAN address
D-Port: 1111
NAT-IP: 192.168.0.11
NAT-Port: 3389
For Proxmox interface config and OPNsense firewall rules pls see the 2 screenshots.
I know, the setup is not safe this way, this is just the result of troubleshooting and getting it to work some how.
RDP to xxx.xxx.xxx.150:1111 is not working, allthough I can see in the live view of OPNsense a pass for my RDP request.
Probably (and hopefully) I got something wrong with my FW rules or some other stupid brain fart mistake, but by now I just can't see clearly anymore and I would be really glad and thankful for every help...
Thanks for reading and have a great day!
Logged
meyergru
Hero Member
Posts: 1697
Karma: 167
IT Aficionado
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #1 on:
March 27, 2024, 01:37:51 am »
NAT (RDP):
*************
Interface: WAN
Proto: TCP
Source:
WAN address
should be: any
S-Ports: *
Dest.: WAN address
D-Port: 1111
NAT-IP: 192.168.0.11
NAT-Port: 3389
Logged
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005
1100 down / 440 up
,
Bufferbloat A+
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #2 on:
March 27, 2024, 01:49:23 am »
Hey meyergru,
thanks a lot, for answering. Unfortunately this didn't do the trick. Still same result.
Logged
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #3 on:
March 27, 2024, 02:37:00 am »
I really don't know, I even reconfigured Proxmox from scratch and reinstalled OPNsense, still same result...
Maybe someone could chime in with another idea, or aspect in the bigger picture I'm missing.
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1604
Karma: 176
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #4 on:
March 27, 2024, 06:58:34 am »
Please use Wireshark on the host that should receive the forwarded packet.
Logged
Hardware:
DEC740
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #5 on:
March 27, 2024, 02:00:48 pm »
Thank's for helping out. You mean on the host, proxmox is running on, or the WindowsServer VM? And you probably mean the traffic on the nic to OPNsense?
«
Last Edit: March 27, 2024, 02:03:47 pm by bvibes
»
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1604
Karma: 176
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #6 on:
March 27, 2024, 02:13:29 pm »
No I mean you install wireshark on your windows server and then run it while initiating an RDP session.
Then you check the wireguard paket capture if you see any pakets coming in on port 3389 (to that server)
Logged
Hardware:
DEC740
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #7 on:
March 27, 2024, 02:31:24 pm »
Ok, thanks for clarifiying... I did. No there are no packages incoming when I initiate the RDP session.
Logged
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #8 on:
March 27, 2024, 02:34:18 pm »
Could it be, that there is a gateway problem? I see "who has 192.168.1.1?". But why is Apache on the test LXC working then? And it seems like when I initiate the RDP session, that traffic is stopping for like 30-60 sek.
Do you want the report? Then just give me few minutes, to blur out some stuff...
«
Last Edit: March 27, 2024, 02:36:17 pm by bvibes
»
Logged
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #9 on:
March 27, 2024, 02:45:28 pm »
Probably didn't need to censor the solicit stuff
Here is a screenshot (tried 3 Times to RDP in that time frame)
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1604
Karma: 176
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #10 on:
March 27, 2024, 08:28:00 pm »
Maybe your windows firewall blocks it or the paket isnt forwarded to the host.
Use wireshark and tcpdump to track the paket from initiator to receiver and find the spot where it vanishes.
Logged
Hardware:
DEC740
bvibes
Newbie
Posts: 8
Karma: 0
Re: HTTP forwarding works - RDP doesn't. (help much appreciated)
«
Reply #11 on:
March 28, 2024, 09:36:14 pm »
Like I said, Win-FW is disabled. I will try to trace it down.
Thank you for your help
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
HTTP forwarding works - RDP doesn't. (help much appreciated)