Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS Server 2003 - Best way to Remote Desktop offsite

Posted on 2004-09-03
3
Medium Priority
?
301 Views
Last Modified: 2010-10-05
I would like to work on our newly installed server at the client site, from our office. (Two different networks, no firewalls at either end...just NAT routers). We installed SBS 2003 and would like to open a port for Remote Desktop administration via the Internet.

Some experience tells me that opening a port may lead to snoopers. Is there a proper way to achieve what I'd like to, here?
0
Comment
Question by:ArtemisConsultants
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11972207
There is only really two ways to do it.
1. Open the port up TCP 3389 forwarded to the server, but restrict access to this port to only your network Ip address range at your office, that way no one other that your compnay can access this service.
2. The better way is to setup a vpn either ipsec or pptp to the client site and use the tunnel to access the server using it's local LAN ip.

These are the most secure, or you can take a chance and leave the port open from any address but then you are relying on NT authentication which would not be to wise.
0
 
LVL 15

Expert Comment

by:vico1
ID: 11978141
The Best way to do it is Thru Remote work web workplace.

I would not worry about port 3389 since every body know that TS works over 3389.

1.Go to server Management.
2.Run the connect to the internet wizard
3.Check option to access Remote Web Workplace From internet.
4.Make Sure that Port 4125 and  is fowarded to your server.
5.You could also use Port 443 instead of port 80 for sercure connection The you would access your server by typing https//serveraddress
6.Now you have to make sure that you have proper credentials to access Remote web workplace

Let me knoe if you need more help


0
 
LVL 12

Accepted Solution

by:
ColinRoyds earned 375 total points
ID: 11979506
Vico I totally disagree with you when you say don't bother about port 3389, if you actually read carefully about what I stated it does say to RESTRICT ACCESS to this port TO CERTAIN IP ADDRESSES ONLY (as in the network ip of  ArtemisConsultants) , that kinda blows your whole theory out of the window. In this case no one other than  ArtemisConsultants would have access to it, AND if you use a VPN it is the MOST SECURE OPTION AVAILABLE. And where is the difference between using port 4125 or 3389, when 4125 the DEFAULT PORT for Remote work web workplace is just as well known as port 3389 .if you really wanted to add to security you would change the port numbers to something random.

I hope this is a bit of a lesson in security for you.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question