Solved

SBS Server 2003 - Best way to Remote Desktop offsite

Posted on 2004-09-03
3
300 Views
Last Modified: 2010-10-05
I would like to work on our newly installed server at the client site, from our office. (Two different networks, no firewalls at either end...just NAT routers). We installed SBS 2003 and would like to open a port for Remote Desktop administration via the Internet.

Some experience tells me that opening a port may lead to snoopers. Is there a proper way to achieve what I'd like to, here?
0
Comment
Question by:ArtemisConsultants
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11972207
There is only really two ways to do it.
1. Open the port up TCP 3389 forwarded to the server, but restrict access to this port to only your network Ip address range at your office, that way no one other that your compnay can access this service.
2. The better way is to setup a vpn either ipsec or pptp to the client site and use the tunnel to access the server using it's local LAN ip.

These are the most secure, or you can take a chance and leave the port open from any address but then you are relying on NT authentication which would not be to wise.
0
 
LVL 15

Expert Comment

by:vico1
ID: 11978141
The Best way to do it is Thru Remote work web workplace.

I would not worry about port 3389 since every body know that TS works over 3389.

1.Go to server Management.
2.Run the connect to the internet wizard
3.Check option to access Remote Web Workplace From internet.
4.Make Sure that Port 4125 and  is fowarded to your server.
5.You could also use Port 443 instead of port 80 for sercure connection The you would access your server by typing https//serveraddress
6.Now you have to make sure that you have proper credentials to access Remote web workplace

Let me knoe if you need more help


0
 
LVL 12

Accepted Solution

by:
ColinRoyds earned 125 total points
ID: 11979506
Vico I totally disagree with you when you say don't bother about port 3389, if you actually read carefully about what I stated it does say to RESTRICT ACCESS to this port TO CERTAIN IP ADDRESSES ONLY (as in the network ip of  ArtemisConsultants) , that kinda blows your whole theory out of the window. In this case no one other than  ArtemisConsultants would have access to it, AND if you use a VPN it is the MOST SECURE OPTION AVAILABLE. And where is the difference between using port 4125 or 3389, when 4125 the DEFAULT PORT for Remote work web workplace is just as well known as port 3389 .if you really wanted to add to security you would change the port numbers to something random.

I hope this is a bit of a lesson in security for you.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question