Solved

Give a network PC a unique "public" IP address for remote desktop access

Posted on 2004-04-29
12
1,076 Views
Last Modified: 2013-11-21
We have a Win2k network set up with 1 server, and about 40 clients.  All the clients have an internal IP range 20.0.0.1-20.0.0.255.  There is one system on the network (a win2k server system, acting as a client) that we need an outside user access to via XP's remote desktop function.  Problem is.. we don't know how to give access to this system since it doesn't have a unique "public" IP address... just the unique private IP.

How do we go about setting up this client system to be accessible via the Internet, using remote desktop?  Is there a way we can configure it to have a unique IP, different from our main public IP address?

Hopefully I'm making sense...

-David
0
Comment
Question by:dudinatrix
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 250 total points
ID: 10954374
What sort of router are you using?  If it's the one client - forward the RDP port (3389) over to that private address
0
 

Author Comment

by:dudinatrix
ID: 10954403
Its a Speedstream DSL modem... Model 5861.  I get what you're saying.. but I'm not sure how to configure the forwarding port.  Do you know how to do that?  It would be greatly appreciated!!
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10954429
What's behind the modem?
Do you have a router of some sort?
0
 

Author Comment

by:dudinatrix
ID: 10954442
I believe the modem is the router.  Telnetting in displays "SpeadStream 5861 DMT Router"
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10954460
Hmm - not familiar with the model...I'll see what I can find.
Usually there's a Port Forwarding piece in the configuration...
0
 

Author Comment

by:dudinatrix
ID: 10954481
The problem is, somewhere along the lines.. an IT guy apparently removed the GUI interface for the configuration.. so I'm left with the command prompts of the telnet.  Not sure where to go/what to do!
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 67

Expert Comment

by:sirbounty
ID: 10954484
Look here under section 3 - advanced router setup:
http://www.ntplx.net/dsl/SpeedStream.5861.pppoe.html
0
 

Author Comment

by:dudinatrix
ID: 10954501
Thank you!  I will have to try this tomorrow.. it sounds like its just the answer I need.  I appreciate your assistance!  Once it works, I'll come back and accept your answer..  thank you again!
0
 
LVL 37

Expert Comment

by:meverest
ID: 10954819
>> All the clients have an internal IP range 20.0.0.1-20.0.0.255.

you do realise that this is not a range allocated as private network, don't you?

cheers.
0
 

Author Comment

by:dudinatrix
ID: 10955156
>> you do realise that this is not a range allocated as private network, don't you?

I'm not too sure what that means then.. does that effect what I need to do?  Should it still work?  Like I said, I'll be doing this when I get into work tomorrow.. any info I can get before then will help greatly.

I figured I could use the commands given on the website referred by sirbounty...

system addserver 20.0.0.X tcp 3389
0
 
LVL 37

Expert Comment

by:meverest
ID: 10955248
>> I'm not too sure what that means then..

what i mean is that there are three network ranges set aside for private networks:

10.0.0.0 - 10.255.255.255,
172.16.0.0 - 172.31.255.255, and
192.168.0.0 - 192.168.255.255

you can use any of these network addresses inside a private network with no fear of any conflict with the outside world.

whether using something other than the above will cause you any problem depends very much on whether there are any public services using those addresses, and whether you ever want/need to access them.

consider, as an example, if you chose to use the network 216.239.57.0-216.239.57.255 for your internal address range.

what you would find is that everything works just fine..... until you try to access google.com, which just so happens is on that same network. your local systems would think thatthey could find www.google.com on your LAN, and so never be able to find it.

well, you might say "that's ok, we don't need google anyway", which is ok - it's not a problem to use that address range.

so in the end, if there are no services out there that are using 20.0.0.0/24 (and i don't know if there are or not) then you won't have any problem.  and even if they are, if you have no need to ever access those systems, or send mail etc to them, then there's still no problem so long as you don't let packets from your internal net get out with the local source address intact.

sorry for being a little off topic (i am aware that you didn't ask for this advice - but i couldn't help myself! ;-)

cheers.
0
 
LVL 1

Expert Comment

by:Nazarelfadil
ID: 10973786
if you are using a router to access the internet then you should be using NAT in this case configure your router or RAS server to pass the remote desktop trafic to your desired server.

if you are using ISA server then do the same.

in both casses your network internal ip address is exposed. change it a any private address space.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now