Redirecting RDP (port 3389) with iptables

As it seems that all machines are on the same subnet, the Windows computer will try to answer the client directly without passing through the NAT box (layer 2).

You should also SNAT the reply packets, adding:

iptables -t nat -A POSTROUTING -s 10.10.10.7 -p tcp --sport 3389 -j SNAT --to 10.10.10.5
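As an added example (not the rules posted in the question or the answer), here is a complete rule set for the same-subnet case the answer describes: besides the DNAT, the packets forwarded to the Windows host are SNATed to the Debian host's own address, so Windows sends its replies back to the Debian host instead of straight to the client, and conntrack undoes both translations on the way back. The helper names `rdp_forward_rules` and `rdp_rules_have_hairpin_snat`, the `-d 10.10.10.5` restriction on the DNAT rule and the rate-limited LOG rule are assumptions of this example, not something from the thread.

```shell
#!/bin/sh
# Added example (not the rules posted in the thread): a complete rule set
# for forwarding RDP through the Debian host (10.10.10.5) to a Windows
# machine (10.10.10.7) that sits on the SAME subnet as the clients.
# Because client and Windows host share one L2 segment, the Windows
# replies would go straight back to the client and never pass the NAT
# box, so the packets forwarded to Windows are also SNATed to the NAT
# box's own address; conntrack then undoes both translations on the
# return path. Addresses can be overridden through the environment.
NAT_IP="${NAT_IP:-10.10.10.5}"      # Debian server (the NAT box)
RDP_IP="${RDP_IP:-10.10.10.7}"      # Windows computer
RDP_PORT="${RDP_PORT:-3389}"

# Assumed helper name. Emits the commands one per line instead of running
# them, so the rule set can be reviewed before it is applied as root
# with:  sh <this script> | sh -e
rdp_forward_rules() {
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
# Only rewrite connections addressed to the NAT box itself, not 3389
# traffic it merely routes for other hosts.
iptables -t nat -A PREROUTING -d $NAT_IP -p tcp --dport $RDP_PORT -j DNAT --to-destination $RDP_IP:$RDP_PORT
# Hairpin: make Windows answer the NAT box, which relays to the client.
iptables -t nat -A POSTROUTING -d $RDP_IP -p tcp --dport $RDP_PORT -j SNAT --to-source $NAT_IP
# FORWARD: accept replies of tracked connections, then new RDP sessions only.
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# The SNAT hides the real client address from the Windows event logs, so
# keep client attribution in the Linux kernel log (rate-limited).
iptables -A FORWARD -d $RDP_IP -p tcp --dport $RDP_PORT -m conntrack --ctstate NEW -m limit --limit 10/min -j LOG --log-prefix "RDP-FWD "
iptables -A FORWARD -d $RDP_IP -p tcp --dport $RDP_PORT -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Assumed helper name: sanity check that the hairpin SNAT is present and
# points at the NAT box's own address.
rdp_rules_have_hairpin_snat() {
    rdp_forward_rules | grep -q -- "-j SNAT --to-source $NAT_IP"
}

rdp_forward_rules
```

With this rule set the Windows event logs record every RDP session as coming from 10.10.10.5, which is why the LOG rule on the Linux side is kept.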
Author by Admin
Updated on September 18, 2022

Comments

  • Admin (over 1 year ago)

    I have a Debian server with an IP 10.10.10.5 and a Windows computer with an IP 10.10.10.7. My plan is to make the Debian server forward all RDP traffic to the Windows computer with these iptables rules:

    # rewrite incoming RDP connections to the Windows computer
    iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 10.10.10.7:3389
    # allow the rewritten packets to be forwarded
    iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT

    But for some reason it does not work. I have set IPv4 forwarding to "1".

    When I connect directly to the Windows computer from the LAN, it establishes the RDP connection, but it doesn't work through the server. An nmap scan of 10.10.10.5 reports port 3389 as "filtered", but an nmap scan of 10.10.10.7 reports it as "open". What could be the problem?