Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to allow Remote XP users to control XP workstations behind a Firewall in an Wndows 2003 environment

Posted on 2006-10-20
7
242 Views
Last Modified: 2010-04-18
Greetings! I need to setup remote access to XP workstations in a Windows 2003 domain using Remote Desktop Connection behind a SonicWall Firewall with a single Static IP. Should I simply configure the Firewall rules, allowing To and From RDP connections, using different port numbers for each workstation ie.,

Static IP = 75.78.10.104

Workstation1 = 75.78.10.104:6689
Workstation2 = 75.78.10.104:6690
Workstation3 = 75.78.10.104:6691

Thanks for your help!
0
Comment
Question by:Erichiwaann
  • 3
  • 3
7 Comments
 
LVL 4

Accepted Solution

by:
Shankadude earned 500 total points
ID: 17772174
Yes, this is exactly what you should do.

Configure your firewall so that different ports on the outside redirect to port 3389 on different computers.
so workstation1 is 75.78.10.104:6689 and it redirects for example to 10.10.1.1:3389



Shankadude
0
 

Author Comment

by:Erichiwaann
ID: 17774645
What line in each remote workstatitions registry (RDP section?) would need to be modified reflecting a unique port?

Also, are their security issues in using this type of remote control compaired to say pcAnywhere? Would the passwords be sent in clear text and would 3389 be vunerable to a dictionary type attack (probably)?
0
 
LVL 4

Expert Comment

by:Shankadude
ID: 17777390
See this Microsoft KB article for the registry keys to change.
http://support.microsoft.com/kb/187623

But if the only goal is to be able to reach the computers from the internet, there is no need to do this with most firewalls.. The portnumbers on the outside and the inside can be different.
You only have to enter in your router/firewall that for example external port 1122 goes to internal port 3389 at computerX, and that external port 1133 goes to internal port 3389 at computerY.

Hope this helps.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 8

Expert Comment

by:caddlady
ID: 17777418
Make sure there are no blank Administrator passwords on any of the workstations!  Enforce passwords for all users and make them meet the complexity requirements!
0
 

Author Comment

by:Erichiwaann
ID: 17779142
What about semding passwords in clear text; does the client prevent this?
0
 
LVL 4

Expert Comment

by:Shankadude
ID: 17781527
Default there is password encryption.
Read for more details and settings this article:
http://www.mobydisk.com/techres/securing_remote_desktop.html
0
 

Author Comment

by:Erichiwaann
ID: 17784167

Thanks for the input. A remote connection initialized over VPN seems like currently the best solution that does not require changing any ports on either the client or server side.

Check this out: http://www.experts-exchange.com/Security/Q_20824244.html

Thank you for your input.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question