Hi,
I've got a firewall and behind several 2012 R2 (Physical and VMs).
The firewall has its public ip, and also a public subnet routed to him (same results with private networks on a lab).
Connecting with RDP from several Mac Yosemite to the server nat-ed behind the FW public ip is ok.
Connecting with RDP from the same Mac to another server nat-ed on the other public ip stay on "negotiating credential"
Changing which server is nat-ed give the same result. So it's not specific to a server.
I've tried with others services (telnet server for example) and it works perfectly. Just not working for RDP.
To make a test :
Mac Yosemite RDP 8.0.14 : 192.168.1.16
Firewall Wan : 192.168.1.253
Firewall Lan : 192.168.200.253
Server 1 : 192.168.200.1
Server 2 : 192.168.200.2
Subnet 192.168.100.0/24 routed to 192.168.1.253
On the firewall (in my case Checkpoint S680) :
Nat 192.168.1.253:3389 to 192.168.200.1
Nat 192.168.100.100:3389 to 192.168.200.2
You can connect to 192.168.1.253 with RDP, on 192.168.100.100 stay stuck on "negotiating credentials"
Thks