Philip Chen 
Australia
Member since
7/11/2005
Registered Users
Posts: 24
 |
| 5/02/2007 04:45 PM |
|
I know I can easily do this with ISA but...
I have a client without ISA that has requested the following.
I need to port forward to an internal workstation
I have a router and two nics.
Router port forwards to external nic and then ?
(I Know in ISA I create protocol rule and a web listener and send to internal workstation)
Stuck on what to do in standard.
It's been suggested RRAS, SERVER, IP Routing, NAT, Local Area but I need help configuring this.
I note the default for this is set at "Private interface connected to private network".
Thanks
Philip
|
|
|
|
|
|
eddie kerr
United Kingdom
Member since
1/10/2007
Registered Users
Posts: 534
|
| 5/03/2007 06:14 PM |
|
why not just port forward on your router direct to the nic
just out of interest what you trying to forward too |
|
All the Best,
Eddie Kerr.
MCP, MCTS, MCSA, MCSE, +S, +M. |
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
| 5/05/2007 03:34 AM |
|
Hi Philip,
Depending on what port exactly you need to forward, it can be done in RRAS, IP Routing, NAT/Basic Firewall, properties of the external nic, tab Services and Ports.
|
|
| Marina Roos Smallbizserver.Net Administrator | Mission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain' |
|
|
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/05/2007 04:29 PM |
|
Hi Eddie I am using two networks cards and router so router already port fowards to external nic now I need to get that port forward internally to workstation on other side of server.
Thanks Marina, I got that far sometimes the where is easier than the how. |
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/05/2007 06:08 PM |
|
Hi Marina, In my site I have the application working because I use sbs2003 R2 with ISA 2004. So I on my router (I created a firewall rule) and then port forward to external nic on server.
In ISA create a web listener on external lan (nic) for (for custom protocol) and forward to my workstation. Works a treat.
My client has only sbs2003 standard so whilst the best answer is UPGRADE I am now only curious as to if I could do it?
Because I believe now if my client wishes to use this product then they should have ISA. Thanks
|
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/06/2007 04:43 PM |
|
RemoteHelp from www.gidsoftware.com
It is remote support/training software.
Thanks
Philip
PS. You can nominate your own port. |
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/07/2007 03:03 AM |
|
Hi Marina.
Well it hasn't yet gone wrong as I have yet to test it. It's just I need to understand it. I thought that the better approach prior to going onsite.
Its just that with ISA I can understand how it works and subsequently how to set it up. The scenario in full.
My client receives a support/training call form a remote office.
The remote office launches an remotehelp application.
This uses DNS to route its way to the clients office where it is met with a router.
The router then has a firewall rule to allow this port through.
It then forwards these requests to the external nic
(Using ISA2004 I created a protocol rule to for a certain port I then created a web listener from external to nominated workstation)
On the local workstation I launch the application, this listens on a nominated port.
The next thing you know I am connected to the external workstation with a minimum of fuss.
I am trying to replicate this is a non ISA2004 environment ala SBS2003 standard.
FYI. By default it does not work (as I would expect, I just tried) as I am unable to port forward to a local workstation where the client application is running.
Thanks for the persistance.
Philip
|
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/07/2007 05:29 AM |
|
Hi Marina,
Thats why I listed my original post. I know where to do it just not how.
When I open RRAS, Server, IP Routing, Nat/Basic Firewall in the right hand screen I see Router, Loopback, Local Area & Internal.
I right click on Internal and select Properties
On the Properties Tab the first check box is selected "Private Interface to Private Network.
This is where I need help (please). Step by step.
Thanks
Philip |
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/08/2007 03:04 AM |
|
Thanks Marina,
Just so happens that I am logged into the client as I have received your response.
So I have selected external nic (router) right clicked to properties and note that tehe "public interface connected to internet" is selected.
What next? ext 61.88.129.178
How do I port forward to client PC on lan 192.168.16.41
The current filter action is set to "Receive all packets except those that meet the criteria below
Thanks
PS. Proud to be a paid subscriber :-)
|
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12290
|
|
Philip Chen
Australia
Member since
7/11/2005
Registered Users
Posts: 24
|
| 5/08/2007 03:36 AM |
|
Sorry! RRAS, IP Routing, NAT/Basic Firewall, properties of the external nic, tab Services and Ports.
No success first time around but I'll keep trying. |
|
|
|
|
|
Dan Fluferton
United Kingdom
Member since
1/31/2007
Registered Users
Posts: 20
|
| 5/12/2008 06:52 PM |
|
Sorry to dig up this old thread but I'm having the same issue and it didn't get concluded so far as I can see.
I want to forward a port to client PC on the LAN (which has a fixed IP address).
So I go to RRAS / / IP Routing / NAT-Basicfirewall
Then select properties of 'Network Connection' (the external NIC)
Then click 'Inbound Filters'
And then what?
|
|
|
|
|
|
Mariette Knap
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12656
|
|
Dan Fluferton
United Kingdom
Member since
1/31/2007
Registered Users
Posts: 20
|
| 5/12/2008 07:16 PM |
|
Never mind, here is how to do it in case anyone was wondering:
1. Setup the desired port forwards on your external router to point to the SBS server (much like those for OWA etc.)
2. Run the CEICW and add the new ports to the firewall wizard (this seems counter intuitive but bear with me)
3. Open RRAS (start / Admin tools 'Routing and Remote access')
4. Drill down to "NAT/Basic Firewall"
5. Right click on 'Network Connection'
6. Go to the 'Services and Ports' Tab
7. Find the forwarders you setup in the CEICW wizard and hit edit
8. Change the private address to that of the internal PC or device you want to forward to.
9. Hit Apply and you're done.
Note: I'm not sure if re-running the CEICW wizard will revert these back again in the future, if so you'll have to re-do the above process.
|
|
|
|
|
|