Solved

How do I get RDP to work outside of my lan?

Posted on 2008-10-30
17
473 Views
Last Modified: 2013-11-21
Hi

I got my RDP working from between 2 XP pro computers and a media center computer through a Linksys WRT54G router only when I'm at home. How do I connect to them from anywhere else? I need a step-by-step guide, please.
0
Comment
Question by:Camillemikhael1
17 Comments
 
LVL 2

Expert Comment

by:chakaal
Comment Utility
If your computers are connected to the internet, consider using Logmein or a similar service.  www.logmein.com will allow you to set up a web based connection to your computer that you can access using two levels of password security, one on the account and one on the machine itself.  There are several services like this, and you don't need to have a permanent IP address to use it.

--M
0
 
LVL 1

Expert Comment

by:Charbroiled
Comment Utility
You need to go to your router web address (192.168.1.1 or whatever) and open ports 3389 to your network.  This will let the RDP through the router and into your network.  You'll probably have to select just one computer you want to connect to (unless you have more static IP's available) and open port 3389 for just that one computer.  Once connected to that computer, you could RDP to another on your network.
0
 
LVL 7

Accepted Solution

by:
talker2004 earned 500 total points
Comment Utility
Pretty easy job. What you need to do is use port forwarding in your router to forward port 3389 to the ip address of the computer which you are trying to access.

On page 32 of the manual it gives you a guide to port forwarding through your router.
http://web.mit.edu/ghudson/manuals/WRT54G-manual.pdf

Also if you want to rdp into more then one machine you are going to have to change the rdp listening port from 3389 to something else on your other machines. I always increment the second number 3489 would be the next i would assign to my second machine.

In case you need to access more then one computer here is the guide to change the listening rdp port.
http://support.microsoft.com/kb/306759

Obviously you would also have to forward this port appropriately too.


There is only one more issue associated with this, you are going to have to make sure the two workstations have static ip addresses. Because if they change your router will not be able to forward the ports appropriately. For this router you are probably going to have to do this manually through you network connection in windows.

This is a long explanation on how to assign the workstation static ip's so i am going to refer you to this guide.

http://portforward.com/networking/static-xp.htm

But basically you are going to assign the machine an ip like 192.168.0.101 specify the subnetmask (255.255.255.0, default gateway (routers ip 192.168.1.1), and dns server (Your ISP's ip address)

You can get all this information by running ipconfig /all from teh command prompt.

Please feel free to ask questions about the process if you get stuck


0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
I know this could be allot to swallow and it's tempting to take the logmein route. But i assure you that it's easy once you get the hang of what you are doing.

I suggest taking it one step at a time, configuring one machine at a time.

One other thing i forgot to mention is if you don't have a static ip address through you ISP you may have trouble logging into your home network.

You can use a free service like dnydns.org which can provide a utility to update your ip address to their network. they will assign you a domain which will redirect you to your dynamic ip address.

0
 
LVL 44

Expert Comment

by:Darr247
Comment Utility
Here's a how-to page for DynDNS - http://www.dyndns.com/services/dns/dyndns/howto.html

When you get to Step 3 - installing a client, your router almost-certainly has a DDNS client built in, so you should not have to install a standalone software client... just look for the DDNS section in your router's configs while you're in there setting up the Port Forwarding.
0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
you are correct Darr247, on page 63 of the manual it says there is an updater for dyndns.org.

My router has that but i was thinking that his did not.

0
 

Author Comment

by:Camillemikhael1
Comment Utility
Thank you very much for your replies.

To simplify things, I will refer to my office computer as "A" and my home computer as "B"

I assigned a static ip (192.136.1.138) to B and made sure that the listening port was 3389. I then entered my router and forwarded port 3389 to 192.136.1.138. After these changes were made, I made sure that I could still access it from my lan. To do so, I just go to RDP, I enter "Camille" in the computer name field and it goes to the log in screen.

But when I try to do it when I'm outside my lan, what am I supposed to enter for the computer name? Obviously I can't expect it to understand what "Camille" means anymore. Does computer A have to have a static IP? If so, that's no problem, but I don't see how that comes into play.

Subnet mask: 255.255.255.0
Dns servers: 64.71.255.198


Thanks again,

Camille

0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
When you are outside your lan you need to enter your public ip address.

goto

http://myipaddress.com from computer B and note the ip address.

from computer A type in the ip address and you should be able to login.
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 7

Expert Comment

by:talker2004
Comment Utility
The problem that comes in is that your public ip address may change. That is where dyndns.org come into the picture.
0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
Your public ip address is assigned to your router by your ISP and it is what identifies you to other users on the world wide web.

Private ip addresses identifies your computer to other computer only behind your LAN.
0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
let me know if you have any more troubles.
0
 

Author Comment

by:Camillemikhael1
Comment Utility
You guys were absolutely right: it seems overwhelming at first but things are falling into place. Please let me introduce computer C into the equation; it's a second home computer that I need to access. I've also assigned that computer a static IP and verified that it could accept remote connections. I changed the listening port on C to 3489. I forwarded C's static IP on 3489, but when I try to access C from A by entering ipaddress:3489, it doesn't work. ipaddress:3389 does work for B, though. So I am able to access C from A by connecting to B from A, and then to C from B but the problem is that B isn't always on and can't be.

I think I set up DynDNS correctly except the status in the DDNS section of my router is "Socket Error, DDNS update fail!". Doesn't seem to be affecting anything but I don't know if it'll be a problem once my ISP sends me a new IP.

I'm so close I could taste it.....

Thanks again, guys
0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
It is probibly windows firewall, by default 3389 is set as an exception but not 3489. You will need to make an exception in windows firewall for port 3489 on computer C.

Here is the recap to check computer C's setup.
1. The pc has to have the rdp listen port changed to 3489 through the windows registry
2. Your router should have port 3489 forwarded to the private static ip address of computer C
3. Computer C should have any firewall software open to listen on port 3489. This could be windows firewall, McAfee, Symantec, or others.


windows firewall exceptions:
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx
0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
You will create an exception by adding a port, don't worry about adding a program.
0
 

Author Comment

by:Camillemikhael1
Comment Utility
I added the exception and even tried disabling the firewall temporarily but still can't connect directly to C from A.

When you said "You will create an exception by adding a port, don't worry about adding a program.", did you mean that for the DDNS problem?
0
 
LVL 7

Expert Comment

by:talker2004
Comment Utility
Temporarily i would eliminate the DDNS issue by trying to connect from A to C through your public ip address. Once you get this working then try it with the DDNS. This way if there is an issue with the DDNS then we will be bypassing that. We don't want to be trouble shooting more then one problem at a time.

From computer A (office) have you tried to connect to C with PublicIP:3489?

One other thing i have to ask, did you setup the remote desktop options to allow connections and add the selected users on computer C?

One other thing to try, can you access computer C from computer B? if you can then we can start to narrow down the issues.

Also make sure you restarted computer C after you made the register change.

Try some of these things, often times you will have less issues trying to connect to a computer from your local area network, so i would really try to get connected to C from computer B. Once we get this we have really narrowed down the possibilities.
0
 
LVL 5

Expert Comment

by:ABLComputers
Comment Utility
I am not sure if you have multiple computers on you LAN that you will like to RDP to; but if you do here's a work around.

On one LAN
Computer A RDP port 3389
Computer B RDP Port 3390
Etc, etc

Make the necessary changes in the firewall settings of each computer. Also open ports on your router.

For DDns service i sometimes use www.no-ip.org. this is only if the router cannot support DDNS service. this service is FREE

With these settings in place to connect to computer A from outside in RDP i put www.yourdomain.no-ip.org:3389 and for computer B www.yourdomain.no-ip.org:3390

I hope this works.
0

Featured Post

Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

Join & Write a Comment

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now