• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 507
  • Last Modified:

How do I get RDP to work outside of my lan?


I got my RDP working from between 2 XP pro computers and a media center computer through a Linksys WRT54G router only when I'm at home. How do I connect to them from anywhere else? I need a step-by-step guide, please.
1 Solution
If your computers are connected to the internet, consider using Logmein or a similar service.  www.logmein.com will allow you to set up a web based connection to your computer that you can access using two levels of password security, one on the account and one on the machine itself.  There are several services like this, and you don't need to have a permanent IP address to use it.

You need to go to your router web address ( or whatever) and open ports 3389 to your network.  This will let the RDP through the router and into your network.  You'll probably have to select just one computer you want to connect to (unless you have more static IP's available) and open port 3389 for just that one computer.  Once connected to that computer, you could RDP to another on your network.
Pretty easy job. What you need to do is use port forwarding in your router to forward port 3389 to the ip address of the computer which you are trying to access.

On page 32 of the manual it gives you a guide to port forwarding through your router.

Also if you want to rdp into more then one machine you are going to have to change the rdp listening port from 3389 to something else on your other machines. I always increment the second number 3489 would be the next i would assign to my second machine.

In case you need to access more then one computer here is the guide to change the listening rdp port.

Obviously you would also have to forward this port appropriately too.

There is only one more issue associated with this, you are going to have to make sure the two workstations have static ip addresses. Because if they change your router will not be able to forward the ports appropriately. For this router you are probably going to have to do this manually through you network connection in windows.

This is a long explanation on how to assign the workstation static ip's so i am going to refer you to this guide.


But basically you are going to assign the machine an ip like specify the subnetmask (, default gateway (routers ip, and dns server (Your ISP's ip address)

You can get all this information by running ipconfig /all from teh command prompt.

Please feel free to ask questions about the process if you get stuck

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

I know this could be allot to swallow and it's tempting to take the logmein route. But i assure you that it's easy once you get the hang of what you are doing.

I suggest taking it one step at a time, configuring one machine at a time.

One other thing i forgot to mention is if you don't have a static ip address through you ISP you may have trouble logging into your home network.

You can use a free service like dnydns.org which can provide a utility to update your ip address to their network. they will assign you a domain which will redirect you to your dynamic ip address.

Here's a how-to page for DynDNS - http://www.dyndns.com/services/dns/dyndns/howto.html

When you get to Step 3 - installing a client, your router almost-certainly has a DDNS client built in, so you should not have to install a standalone software client... just look for the DDNS section in your router's configs while you're in there setting up the Port Forwarding.
you are correct Darr247, on page 63 of the manual it says there is an updater for dyndns.org.

My router has that but i was thinking that his did not.

Camillemikhael1Author Commented:
Thank you very much for your replies.

To simplify things, I will refer to my office computer as "A" and my home computer as "B"

I assigned a static ip ( to B and made sure that the listening port was 3389. I then entered my router and forwarded port 3389 to After these changes were made, I made sure that I could still access it from my lan. To do so, I just go to RDP, I enter "Camille" in the computer name field and it goes to the log in screen.

But when I try to do it when I'm outside my lan, what am I supposed to enter for the computer name? Obviously I can't expect it to understand what "Camille" means anymore. Does computer A have to have a static IP? If so, that's no problem, but I don't see how that comes into play.

Subnet mask:
Dns servers:

Thanks again,


When you are outside your lan you need to enter your public ip address.


http://myipaddress.com from computer B and note the ip address.

from computer A type in the ip address and you should be able to login.
The problem that comes in is that your public ip address may change. That is where dyndns.org come into the picture.
Your public ip address is assigned to your router by your ISP and it is what identifies you to other users on the world wide web.

Private ip addresses identifies your computer to other computer only behind your LAN.
let me know if you have any more troubles.
Camillemikhael1Author Commented:
You guys were absolutely right: it seems overwhelming at first but things are falling into place. Please let me introduce computer C into the equation; it's a second home computer that I need to access. I've also assigned that computer a static IP and verified that it could accept remote connections. I changed the listening port on C to 3489. I forwarded C's static IP on 3489, but when I try to access C from A by entering ipaddress:3489, it doesn't work. ipaddress:3389 does work for B, though. So I am able to access C from A by connecting to B from A, and then to C from B but the problem is that B isn't always on and can't be.

I think I set up DynDNS correctly except the status in the DDNS section of my router is "Socket Error, DDNS update fail!". Doesn't seem to be affecting anything but I don't know if it'll be a problem once my ISP sends me a new IP.

I'm so close I could taste it.....

Thanks again, guys
It is probibly windows firewall, by default 3389 is set as an exception but not 3489. You will need to make an exception in windows firewall for port 3489 on computer C.

Here is the recap to check computer C's setup.
1. The pc has to have the rdp listen port changed to 3489 through the windows registry
2. Your router should have port 3489 forwarded to the private static ip address of computer C
3. Computer C should have any firewall software open to listen on port 3489. This could be windows firewall, McAfee, Symantec, or others.

windows firewall exceptions:
You will create an exception by adding a port, don't worry about adding a program.
Camillemikhael1Author Commented:
I added the exception and even tried disabling the firewall temporarily but still can't connect directly to C from A.

When you said "You will create an exception by adding a port, don't worry about adding a program.", did you mean that for the DDNS problem?
Temporarily i would eliminate the DDNS issue by trying to connect from A to C through your public ip address. Once you get this working then try it with the DDNS. This way if there is an issue with the DDNS then we will be bypassing that. We don't want to be trouble shooting more then one problem at a time.

From computer A (office) have you tried to connect to C with PublicIP:3489?

One other thing i have to ask, did you setup the remote desktop options to allow connections and add the selected users on computer C?

One other thing to try, can you access computer C from computer B? if you can then we can start to narrow down the issues.

Also make sure you restarted computer C after you made the register change.

Try some of these things, often times you will have less issues trying to connect to a computer from your local area network, so i would really try to get connected to C from computer B. Once we get this we have really narrowed down the possibilities.
I am not sure if you have multiple computers on you LAN that you will like to RDP to; but if you do here's a work around.

On one LAN
Computer A RDP port 3389
Computer B RDP Port 3390
Etc, etc

Make the necessary changes in the firewall settings of each computer. Also open ports on your router.

For DDns service i sometimes use www.no-ip.org. this is only if the router cannot support DDNS service. this service is FREE

With these settings in place to connect to computer A from outside in RDP i put www.yourdomain.no-ip.org:3389 and for computer B www.yourdomain.no-ip.org:3390

I hope this works.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now