Siju George wrote:
Hi all,

Hi Siju,

After a lot of seeking and reading and doing I have this doubt :-)

Is PF not capable of letting two users (with two
different computers with 2 different IPs from the RFC1918 range) in
the LAN connect to the same Windows 2003 remote
desktop server on the Internet and work on it simultaneously???

The only workaround to connect to Windows Remote Desktop Server
through PF I know of now is to
use an rdr rule to do port forwarding something like.

code:
rdr pass on $ext_if inet proto tcp from $Windows_RDServer to any port 3389 -> $WRD_client1 port 3389

I think you're confusing things here. First you talk about connecting from the LAN to a remote RDP server and then you talk about rdr rules. rdr rules are only used on incoming connections; they do not affect outbound connections. So for traffic leaving the LAN and heading to a remote RDP server on the Internet, that rdr rule on $ext_if will have no effect.

You did not copy your ruleset so I can only guess, but I doubt there is anything you're doing to cause a problem with two separate machines connecting to the same remote port. Obviously you CAN make this type of restriction with pf, but it certainly isn't in place by default. Make sure that the problem is not on the RDP server and that it is allowing more than 1 client to connect at a time.



.joel
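
An added example, not part of the original thread or either poster's ruleset: a minimal pf.conf in the same older nat/rdr syntax as the quoted rule, showing that outbound RDP from several LAN clients needs only a nat rule and stateful pass rules, with no rdr. Interface names, the LAN range and the server address are constructed placeholders; `$Windows_RDServer` is the macro name from the post.

```pf
# Constructed macros: interface names and addresses are placeholders.
ext_if = "em0"                      # Internet-facing interface (assumed)
int_if = "em1"                      # LAN-facing interface (assumed)
lan_net = "192.168.1.0/24"          # RFC1918 LAN range (constructed)
Windows_RDServer = "203.0.113.10"   # remote RDP server (documentation address)

# Translation: every LAN source address is rewritten to the firewall's
# external address on the way out. pf assigns each translated connection
# its own source port, so two clients talking to the same server:3389
# end up as two separate state entries.
nat on $ext_if inet from $lan_net to any -> ($ext_if)

# No rdr rule here: rdr only matches connections arriving on $ext_if,
# so it plays no part in sessions that the LAN clients initiate.

# Filtering: default deny, then allow only LAN-initiated RDP to the server.
block all
pass in  on $int_if inet proto tcp from $lan_net to $Windows_RDServer \
        port 3389 flags S/SA keep state
pass out on $ext_if inet proto tcp from ($ext_if) to $Windows_RDServer \
        port 3389 flags S/SA keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `pfctl -ss` lists the state table, where each client's session to port 3389 appears as its own entry once both are connected.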
