RDP from outside network

I apologize for cross posting this issue to multiple lists, but it is necessary because there are a few different technologies and solutions that require assistance from different professionals.

First of all, I am still fairly new to networking, so please be gentle. I need to allow RDP connections to a server from outside of the LAN. VPN is out because of multiple VPN clients on the remote computer that are conflicting. In the Windows group, it was suggested that I "create a tunnel through the firewall" and change the default port that the RDP service listens for on the server. First of all, is this a good solution, and second of all, how do I configure this on the firewall?

Thanks in advance for all of your help and suggestions.

Sincerely,

Matt Atkins

Matt

No. You allow remote connections into your LAN. That's always a bad thing. Put the server into a DMZ, set up an SSH server (e.g. on the Windows-Server) and forward Port 22 to the host running the SSH server. Then you can establish an SSH tunnel and connect to your Terminal Server through this encrypted tunnel.

You need to forward a port (22/tcp if you want to tunnel RDP through SSH, which I'd recommend, or 3389/tcp for RDP without tunneling). How this is configured depends on what firewall you have in place.

cu

59cobalt
Ansgar -59cobalt- Wiechers
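
The SSH-tunnel setup described in the reply above, as an added example that is not part of the original post: an OpenSSH `sshd_config` fragment that lets the tunnel account reach only the terminal server's RDP port, with the client-side commands shown as comments. The account name `rdptunnel`, the address `10.0.0.5`, the host name `gateway.example.com` and local port 13389 are assumed values, and a Unix-like SSH host is assumed for `ForceCommand`.

```conf
# sshd_config fragment for the host that 22/tcp is forwarded to.
# Assumed values (not from the thread): account "rdptunnel",
# terminal server at 10.0.0.5.

# Keys only: this port is reachable from the internet.
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
AllowUsers rdptunnel

Match User rdptunnel
    # Allow local (-L) forwards only, and only to the RDP port
    # of the terminal server.
    AllowTcpForwarding local
    PermitOpen 10.0.0.5:3389
    X11Forwarding no
    AllowAgentForwarding no
    PermitTTY no
    # No shell for this account; the client connects with -N.
    ForceCommand /bin/false

# On the remote computer (hypothetical host name and local port):
#   ssh -N -L 127.0.0.1:13389:10.0.0.5:3389 rdptunnel@gateway.example.com
#   mstsc /v:127.0.0.1:13389
```

Binding the client end to 127.0.0.1 keeps the forwarded RDP port from being reachable by other machines on the remote computer's network.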

You could also just forward the port since RDP is encrypted -- however, keep in mind that it's only 128 bit and not all data is encrypted.

-Gary

Gary

Now that Microsoft's Virtual PC software is free, I suggest you set up a virtual instance and use it for the VPN client. One of our consultants has a separate virtual machine for every client they work for. That keeps all of the configs and files and VPN clients completely separate.

Ray

JJ
