How do I connect to multiple Remote Desktop PC's which are behind a NAT firewall (no VPN)

Hello,
I installed remote desktop web connection on a windows 2003 server.  I have port 3389 forwarded to this server through the firewall.   When I got to http:\\publicip\tsweb  I get the good screen.  If I put the private ip address here (or local computer name), I can get to all 10 windows xp remote desktop pc's when I am on the local network but not from the public internet.  

So I know each pc is setup correctly, the firewall is port forwarding to the Remote Desktop web connection server ok.   Am I misunderstanding how RDWC works?  Do I have to create a custom port for each desktop pc (3390, 3391, etc) and just forward those directly to the pc's?  If so, what is the use of RDWC?  

I hope I am just missing something.    And yes, VPN will solve this.

Thanks in advance,
Berne
LVL 1
fitzpabAsked:
Who is Participating?
 
karlwilburCommented:
I think that you may not be able to make this work without port forwarding. RDWC only provides a way to tie into the RDP server without having RDP client installed by implementing an activex control. It looks like you cannot "pass through" a server. You need to have direct access to the intended box (via port forwarding if needed).

I was certain that I had done it before. But now, after thinking about it a bit more, I recall that I did end up opening ports for clients to use public ports for RDP adn just forwarded a single port to a single box. The TS Web was working for Intranet, but in those cases the private IP address was directly accessible.

I used non-standard ports on the public interface, but if I were going to do such a thing again, I'd recommend looking in to "port knocking" before just opening up public ports directly into a RDP server.

0
 
karlwilburCommented:
I think that your simplest solution would be to create multiple ports as you suggested.
0
 
fitzpabAuthor Commented:
Thanks for responding.  I know that will be a solution.   I was just wondering what the use of remote desktop web connection is then.   It is easier to create a local remote desktop icon to go straight through everything.   It seems the RDWC is for connecting to multiple pc's (like you can do with SBS 2003).  Am I missing something?
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
karlwilburCommented:
RDWC is mainly for systems that do not have a RDP Client. It allow these systems to use an activex control from within IE to connect to the RDP server.

There is also the added benefit of being able to pass connection through to other servers, which is what you are doing.

To achieve that you'd do something like this (assuming the default configuration):
http://publicip/TSWeb/default.htm?Server=servername

or this:
http://publicip/TSWeb/default.htm?Server=serverip
0
 
thecomputerdocsCommented:
I wouldn't recommend opening ports in your firewall for remote desktop. Opening any ports in your firewall has risks associated with it.
How about using something like logmein.com....It's free, and you can enjoy the ability to connect to multiple connections. It also creates logfiles of your connections, for support accountability...
AND, I love this....check out their logmein ignition program...it's like an instant messaging application, but lets you fire off remote connections as easily as how you'd IM someone...
Hope that helps...
0
 
karlwilburCommented:
I have to agree whole heartedly. Opening firewall ports for RDP is not a good idea.
0
 
thecomputerdocsCommented:
0
 
fitzpabAuthor Commented:
Thanks guys,
Yeah, I'm a big Logmein user.  I have already been using that, it's just the free version doesn't let you remote print or transfer files.  I might to back to it if this is what I'm thinking it is.

Your post about the pass-through is a little confusing.  Does this mean if I put RDWC additionally on the XP PC's, I can get to them?  Your "default.htm?Server=servername" extension makes me think that.  Right now if I put that server or IP name in, I just get an error.

http://publicip/TSWeb/default.htm?Server=servername

or this:
http://publicip/TSWeb/default.htm?Server=serverip
0
 
fitzpabAuthor Commented:
In good conscious, none of the responses answered the issue so I don't want to accept anything and mislead other techs when they search.  Please close with no solution
0
 
karlwilburCommented:
fitzpab,
Sorry, I didn't see you post above ( ID: 20082769 ) until just this minute.

What error are you getting from the private IP address?

You may need to have a public IP address for each system.

A little Googling turned up this web page, which might help explain the URL params a little more:
http://dev.remotenetworktechnology.com/urlparams.htm
0
 
karlwilburCommented:
this:
http://publicip/TSWeb/default.htm?Server=servername
or this:
http://publicip/TSWeb/default.htm?Server=serverip

Could be something like:
http://www.somedomain.tld/default.htm?Server=host1.local
or:
http://www.somedomain.tld/default.htm?Server=192.168.0.1

But I can't recall if the ipaddress / hostname needs to be public (i.e Public IP or FQDN with public DNS record). Please let me know what error you are getting.
0
 
fitzpabAuthor Commented:
Hello Karl,
thanks for the response
http://dev.remotenetworktechnology.com/urlparams.htm is not a valid site (or it's down right now)

I know I could do seperate public IP's for each RDP connection and just forward port 3389.   I don't have that many public IP's.

The error is related to the private IP's can't be found on the public internet.
-B
0
 
fitzpabAuthor Commented:
Thanks Karl,
That was what I figured but I wanted to check.
Regards,
Berne
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.