I am trying to connect to my server from my laptop. I have done the port forwarding to the local IP that corresponds to the local IP of my server, using port 3389. The firewall is allowing RDP through and I am able to connect to 192.168.1.100 (the server's local IP) But as soon as I use the public IP of the WAN, I cannot connect
When listening with wireshark, I see that my laptop's ip .102 is trying to reach the server's ip .100
:
From the Internet or across your internal network?
If the failure is from inside the network, through the public IP, then it is probably a networking equipment functionality limitation where a lot of SOHO NAT equipment notoriously will not pass traffic from the inside network to its outside WAN interface only to have that traffic attempt to travel back onto the inside interface. In those situations, the port forward/mapping will work correctly when the connection is from the Internet/WAN side.
The first thing to do is to launch Network Monitor or Wireshark to find if the RDP traffic is even making it to your server's interface. Perhaps the router isn't even forwarding the traffic. If it's hitting your server but being rejected, it's likely a local firewall issue. I've seen some firewalls present traffic that is from the outside being translated in as the remote IP address. For example, on a SonicWall under certain circumstances the IP address of the remote machine is presented, and not the LAN interface of the SonicWall. Why is this important? Most default Windows firewall instances reject all traffic that isn't from their own subnet.
Are you sure? Do you have empirical evidence of this?