How to allow Remote XP users to control XP workstations behind a Firewall in an Wndows 2003 environment

Greetings! I need to setup remote access to XP workstations in a Windows 2003 domain using Remote Desktop Connection behind a SonicWall Firewall with a single Static IP. Should I simply configure the Firewall rules, allowing To and From RDP connections, using different port numbers for each workstation ie.,

Static IP = 75.78.10.104

Workstation1 = 75.78.10.104:6689
Workstation2 = 75.78.10.104:6690
Workstation3 = 75.78.10.104:6691

Thanks for your help!
cosmicIPASysAdminAsked:
Who is Participating?
 
ShankadudeConnect With a Mentor Commented:
Yes, this is exactly what you should do.

Configure your firewall so that different ports on the outside redirect to port 3389 on different computers.
so workstation1 is 75.78.10.104:6689 and it redirects for example to 10.10.1.1:3389



Shankadude
0
 
cosmicIPASysAdminAuthor Commented:
What line in each remote workstatitions registry (RDP section?) would need to be modified reflecting a unique port?

Also, are their security issues in using this type of remote control compaired to say pcAnywhere? Would the passwords be sent in clear text and would 3389 be vunerable to a dictionary type attack (probably)?
0
 
ShankadudeCommented:
See this Microsoft KB article for the registry keys to change.
http://support.microsoft.com/kb/187623

But if the only goal is to be able to reach the computers from the internet, there is no need to do this with most firewalls.. The portnumbers on the outside and the inside can be different.
You only have to enter in your router/firewall that for example external port 1122 goes to internal port 3389 at computerX, and that external port 1133 goes to internal port 3389 at computerY.

Hope this helps.
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
caddladyCommented:
Make sure there are no blank Administrator passwords on any of the workstations!  Enforce passwords for all users and make them meet the complexity requirements!
0
 
cosmicIPASysAdminAuthor Commented:
What about semding passwords in clear text; does the client prevent this?
0
 
ShankadudeCommented:
Default there is password encryption.
Read for more details and settings this article:
http://www.mobydisk.com/techres/securing_remote_desktop.html
0
 
cosmicIPASysAdminAuthor Commented:

Thanks for the input. A remote connection initialized over VPN seems like currently the best solution that does not require changing any ports on either the client or server side.

Check this out: http://www.experts-exchange.com/Security/Q_20824244.html

Thank you for your input.
0
All Courses

From novice to tech pro — start learning today.