NAT Configuration to access Remote Desktop

Showing results for 
Show  only  | Search instead for 
Did you mean: 

NAT Configuration to access Remote Desktop

L2 Linker


We need to configure an input rule to authorize an public IP address to access at one of our virtual machine on our subnet.

Concretely, I need to authorize public IP address access directly to our virtual machine with the private IP on the port 3389 (Remote Desktop) only via our public IP address (

I configured a NAT rule but it didn't work. May be I doing something wrong ?

Can you help us about this topic ?

Thank you for your help.


L4 Transporter

Hi @feelgood ,


Hope you have configured the NAT and security rule properly. refer below doc for help.

Hi @Abdul_Razaq,


Thank you for your answer, I go test that.


While this certainly works I would question why you wouldn't simply give whoever's needs access to this device access through the built in GlobalProtect VPN solution. 

You are still exposing this desktop to the outside world. You might be limiting it via a security policy but the NAT statement is still there. To avoid issues due to a misconfiguration I would recommend against your current approach. 


We have already GlobalProtect configured on our PanOS but it's for our users. This NAT configuration is for a partner who needs to access an environnement via our public IP address.


We don't want grant access at this partner on our VPN access because it's not partitionned correctly at this time.


So, the only solution I founded it's this NAT rules restricted on the IP address of this partner.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!