There is a FAQ on this here: http://sourceforge.net/docman/display_doc.php?docid=4427&group_id=13751
I use it to access my box currently. Let me know if it is just the one port. I think Terminal Server uses 3389 and Citrix uses 1494. I probably need to update the FAQ. -sp On Tue, 04 June 2002, Ray Olszewski wrote > > At 09:37 AM 6/4/02 -0400, Jaime Goncalves wrote: > >Hi I'm trying to rdp into my win2k server behind my lrp box this is the > >command to open the port on the lrp box from the command line "ipchains > >-A forward -p tcp -s xxx.xxx.xxx.xxx 3389 -d xxx.xxx.xxx.xxx 3389 -j > >ACCEPT" > >can any one see a problem with the syntax > > > The syntax looks fine. > > But in choosing to conceal the IP addresses involved, you left open the > question of whether this setup is a simple router or a NAT'ing router. If > the LEAF router is NAT'ing, you'll need to add a port-forwarding entry (via > ipmasqadm) instead of this ipchains entry. And in any case, you may need to > modify the input chain to ACCEPT incoming traffic from or to (or both) port > 3389. (And since I am unacqquainted with the rdp service, I don't actuaally > know that it can be made to work through a NAT'd connection at all.) > > Oh, one qualification on my syntax comment ... you are adding (-A) this > rule rather than inserting (-I ##) it. This means it gets put at the *end* > of the forward chain. Since packets pass through the rules of a chain in > order until they hit a matching one, it is possible that some rule prior to > the one you are creating will catch and act on the packets. This is why a > chain's rules have to be evaluated as a set, not singly, in isolation. > > If this really was just a question about the syntax of ipchains commends, > then you are set. If you are experiencing trouble with the hookup, though > (as I suspect), you'll probably need to post a more complete trouble > descriptnion. See the "SR FAQ" link below for help if you need to do this. > -- > -----------------------------------------------"Never tell me the > odds!"-------------- > Ray Olszewski -- Han Solo > Palo Alto, California, USA [EMAIL PROTECTED] > ------------------------------------------------------------------------------------------- > > > _______________________________________________________________ > > Don't miss the 2002 Sprint PCS Application Developer's Conference > August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm > > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
