Hello,
I once again come back to the SME community to ask for help because everyone has always been very helpful. I just wanted to give you all a quick thank you.
==========
I broke this into 2 parts, simple and complicated; an answer either way is fine with me.
Simple:
I am port forwarding from my external firewall on port 3389 to the public interface on the SME server, and then from SME I'm port forwarding 3389 to a 2003 server running RDP. It's not working. Maybe a routing issue getting back from the 2003 server to me?
I do have port forwards working from my firewall to SME directly (like ssh, 80, and 443)
Complicated Question
Network layout:
Internet
--> T1
Cisco Router
ETH0
-ip 5.5.5.2
-subnet 255.255.255.248
-gateway 5.5.5.1
--> Cat5e
Cisco Pix (does nat for 172.16.2.2)
Outside INT
-ip 5.5.5.3
-subnet 255.255.255.248
-gateway 5.5.5.2
Inside INT
-ip 172.16.2.1
-subnet 255.255.255.252
--> Cat5e
SME 6.01 Server
Outside INT
-ip 172.16.2.2
-subnet 255.255.255.252
-gateway 172.16.2.1
Inside INT
-ip 172.16.1.5
-subnet 255.255.0.0
--> Cat5e
Layer 2 Cisco Switch
--> Cat5e
Windows 2003 Server
ETH0
-ip 172.16.70.1
-subnet 255.255.0.0
-gateway 172.16.1.5
Port Forwarding
Internet
--> T1
Cisco Router
--> Cat5e
Cisco Pix
STATIC NAT TRANS 5.5.5.4 --> 172.16.2.2 (for ports 80, 443, 22, and 3389)
--> Cat5e
SME 6.01 Server
PORT FORWARD 3389 -> 2003 SERVER (172.16.70.1) PORT 3389
*The Other ports (80, 443, 22) are used for the sme server*
--> Cat5e
Layer 2 Cisco Switch
--> Cat5e
Windows 2003 Server
PORT 3389 SERVER (RDP)
The Problem:
3 of the port forwards are directly to the SME server. 1 of the port forwards goes to the SME server and is then forwarded again to the 2003 server on the internal interface of SME.
*the port forward for 3389 (the one that doesn't work) uses port 3389 across the board*
My Thoughts
I can think of 3 possible solutions to the problem. 1 or all of these might fix it; I wanted somebody else's opinion first.
* Most probable fix.
*1. Probably a routing issue. My request from the internet knows how to travel thru the pix and then to SME and then to the 2003 server, and then it knows how to get back to SME but then it doesn't know how to route back to me.
2. Change the 172.16.2.0/30 that's used between the inside of the pix and the outside of the SME to something like 172.17.2.0/30.
3. Add 5.5.5.4 to the trusted network of SME (maybe fix the routing issue I discussed in the * most probable fix).
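
The addressing plan above, run through an added check that is not part of the original post: it reports interfaces on one device whose connected networks overlap and gateways that sit outside their interface's subnet, then repeats the check with the 172.17.2.0/30 transit network from option 2. The function names and the `LAYOUT` table are assumptions for illustration; the addresses are the ones listed in the post.

```python
import ipaddress
from itertools import combinations

# Addressing plan copied from the post's "Network layout" section:
# (device, interface, ip, netmask, gateway or None)
LAYOUT = [
    ("Cisco Router", "ETH0", "5.5.5.2", "255.255.255.248", "5.5.5.1"),
    ("Cisco Pix", "Outside", "5.5.5.3", "255.255.255.248", "5.5.5.2"),
    ("Cisco Pix", "Inside", "172.16.2.1", "255.255.255.252", None),
    ("SME", "Outside", "172.16.2.2", "255.255.255.252", "172.16.2.1"),
    ("SME", "Inside", "172.16.1.5", "255.255.0.0", None),
    ("Windows 2003", "ETH0", "172.16.70.1", "255.255.0.0", "172.16.1.5"),
]

def parse(layout):
    """Turn each row into (device, interface, IPv4Interface, gateway)."""
    return [(dev, name, ipaddress.ip_interface(f"{ip}/{mask}"),
             ipaddress.ip_address(gw) if gw else None)
            for dev, name, ip, mask, gw in layout]

def overlapping_interfaces(layout):
    """Pairs of interfaces on the same device whose connected networks overlap.
    For addresses in the overlap, the more specific (longer-prefix) route is used."""
    hits = []
    for a, b in combinations(parse(layout), 2):
        if a[0] == b[0] and a[2].network.overlaps(b[2].network):
            hits.append((a[0], str(a[2].network), str(b[2].network)))
    return hits

def offlink_gateways(layout):
    """Interfaces whose configured gateway is outside their own subnet."""
    return [(dev, name, str(gw)) for dev, name, iface, gw in parse(layout)
            if gw is not None and gw not in iface.network]

def with_transit(layout, new_net):
    """Hypothetical helper: renumber the Pix-inside/SME-outside link into
    new_net, keeping host numbers .1 and .2 (option 2 in the post)."""
    net = ipaddress.ip_network(new_net)
    hosts = {"172.16.2.1": str(net[1]), "172.16.2.2": str(net[2])}
    return [(d, n, hosts.get(ip, ip), m, hosts.get(gw, gw))
            for d, n, ip, m, gw in layout]

if __name__ == "__main__":
    print("overlaps now:", overlapping_interfaces(LAYOUT))
    print("off-link gateways:", offlink_gateways(LAYOUT))
    print("overlaps after 172.17.2.0/30:",
          overlapping_interfaces(with_transit(LAYOUT, "172.17.2.0/30")))
```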