In short: On a Watchguard Fireware XTM I have allowed connections from all on all ports to all ports on internal server (Win2008).
Still I can not rdp in to the server, Watchguard logs says
Code:
Process=firewall Disposition=Deny Policy=Unhandled External Packet-00 Source IP=10.10.30.11 Destination IP=172.16.1.19 Source Interface=pptp0 Destination Interface=br2 Source Port=49801 Destination Port=3389 Protocol=rdp/tcp
I also created a NAT rule from my static ip to server on port 3389, same result.
There are no blocked sites, a few blocked ports but not 3389.
The rule to allow access to Watchguards web-ui on this interface (172.16.1.1) from LAN & VPN works fine. An identical rule for rdp / 3389 to internal server gives this "Unhandled External Packet".
(And I know this isn't strictly a Linux-question, but I believe there are people here who have knowledge about this kind of issue.)