Solved

How do I get RDP to work outside of my lan?

Posted on 2008-10-30
17
486 Views
Last Modified: 2013-11-21
Hi

I got my RDP working from between 2 XP pro computers and a media center computer through a Linksys WRT54G router only when I'm at home. How do I connect to them from anywhere else? I need a step-by-step guide, please.
0
Comment
Question by:Camillemikhael1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
17 Comments
 
LVL 2

Expert Comment

by:chakaal
ID: 22844968
If your computers are connected to the internet, consider using Logmein or a similar service.  www.logmein.com will allow you to set up a web based connection to your computer that you can access using two levels of password security, one on the account and one on the machine itself.  There are several services like this, and you don't need to have a permanent IP address to use it.

--M
0
 
LVL 1

Expert Comment

by:Charbroiled
ID: 22845019
You need to go to your router web address (192.168.1.1 or whatever) and open ports 3389 to your network.  This will let the RDP through the router and into your network.  You'll probably have to select just one computer you want to connect to (unless you have more static IP's available) and open port 3389 for just that one computer.  Once connected to that computer, you could RDP to another on your network.
0
 
LVL 7

Accepted Solution

by:
talker2004 earned 500 total points
ID: 22845131
Pretty easy job. What you need to do is use port forwarding in your router to forward port 3389 to the ip address of the computer which you are trying to access.

On page 32 of the manual it gives you a guide to port forwarding through your router.
http://web.mit.edu/ghudson/manuals/WRT54G-manual.pdf

Also if you want to rdp into more then one machine you are going to have to change the rdp listening port from 3389 to something else on your other machines. I always increment the second number 3489 would be the next i would assign to my second machine.

In case you need to access more then one computer here is the guide to change the listening rdp port.
http://support.microsoft.com/kb/306759

Obviously you would also have to forward this port appropriately too.


There is only one more issue associated with this, you are going to have to make sure the two workstations have static ip addresses. Because if they change your router will not be able to forward the ports appropriately. For this router you are probably going to have to do this manually through you network connection in windows.

This is a long explanation on how to assign the workstation static ip's so i am going to refer you to this guide.

http://portforward.com/networking/static-xp.htm

But basically you are going to assign the machine an ip like 192.168.0.101 specify the subnetmask (255.255.255.0, default gateway (routers ip 192.168.1.1), and dns server (Your ISP's ip address)

You can get all this information by running ipconfig /all from teh command prompt.

Please feel free to ask questions about the process if you get stuck


0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 7

Expert Comment

by:talker2004
ID: 22845349
I know this could be allot to swallow and it's tempting to take the logmein route. But i assure you that it's easy once you get the hang of what you are doing.

I suggest taking it one step at a time, configuring one machine at a time.

One other thing i forgot to mention is if you don't have a static ip address through you ISP you may have trouble logging into your home network.

You can use a free service like dnydns.org which can provide a utility to update your ip address to their network. they will assign you a domain which will redirect you to your dynamic ip address.

0
 
LVL 44

Expert Comment

by:Darr247
ID: 22845683
Here's a how-to page for DynDNS - http://www.dyndns.com/services/dns/dyndns/howto.html

When you get to Step 3 - installing a client, your router almost-certainly has a DDNS client built in, so you should not have to install a standalone software client... just look for the DDNS section in your router's configs while you're in there setting up the Port Forwarding.
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22845726
you are correct Darr247, on page 63 of the manual it says there is an updater for dyndns.org.

My router has that but i was thinking that his did not.

0
 

Author Comment

by:Camillemikhael1
ID: 22846540
Thank you very much for your replies.

To simplify things, I will refer to my office computer as "A" and my home computer as "B"

I assigned a static ip (192.136.1.138) to B and made sure that the listening port was 3389. I then entered my router and forwarded port 3389 to 192.136.1.138. After these changes were made, I made sure that I could still access it from my lan. To do so, I just go to RDP, I enter "Camille" in the computer name field and it goes to the log in screen.

But when I try to do it when I'm outside my lan, what am I supposed to enter for the computer name? Obviously I can't expect it to understand what "Camille" means anymore. Does computer A have to have a static IP? If so, that's no problem, but I don't see how that comes into play.

Subnet mask: 255.255.255.0
Dns servers: 64.71.255.198


Thanks again,

Camille

0
 
LVL 7

Expert Comment

by:talker2004
ID: 22846614
When you are outside your lan you need to enter your public ip address.

goto

http://myipaddress.com from computer B and note the ip address.

from computer A type in the ip address and you should be able to login.
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22846617
The problem that comes in is that your public ip address may change. That is where dyndns.org come into the picture.
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22846643
Your public ip address is assigned to your router by your ISP and it is what identifies you to other users on the world wide web.

Private ip addresses identifies your computer to other computer only behind your LAN.
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22846651
let me know if you have any more troubles.
0
 

Author Comment

by:Camillemikhael1
ID: 22847681
You guys were absolutely right: it seems overwhelming at first but things are falling into place. Please let me introduce computer C into the equation; it's a second home computer that I need to access. I've also assigned that computer a static IP and verified that it could accept remote connections. I changed the listening port on C to 3489. I forwarded C's static IP on 3489, but when I try to access C from A by entering ipaddress:3489, it doesn't work. ipaddress:3389 does work for B, though. So I am able to access C from A by connecting to B from A, and then to C from B but the problem is that B isn't always on and can't be.

I think I set up DynDNS correctly except the status in the DDNS section of my router is "Socket Error, DDNS update fail!". Doesn't seem to be affecting anything but I don't know if it'll be a problem once my ISP sends me a new IP.

I'm so close I could taste it.....

Thanks again, guys
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22847711
It is probibly windows firewall, by default 3389 is set as an exception but not 3489. You will need to make an exception in windows firewall for port 3489 on computer C.

Here is the recap to check computer C's setup.
1. The pc has to have the rdp listen port changed to 3489 through the windows registry
2. Your router should have port 3489 forwarded to the private static ip address of computer C
3. Computer C should have any firewall software open to listen on port 3489. This could be windows firewall, McAfee, Symantec, or others.


windows firewall exceptions:
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22847722
You will create an exception by adding a port, don't worry about adding a program.
0
 

Author Comment

by:Camillemikhael1
ID: 22847859
I added the exception and even tried disabling the firewall temporarily but still can't connect directly to C from A.

When you said "You will create an exception by adding a port, don't worry about adding a program.", did you mean that for the DDNS problem?
0
 
LVL 7

Expert Comment

by:talker2004
ID: 22849727
Temporarily i would eliminate the DDNS issue by trying to connect from A to C through your public ip address. Once you get this working then try it with the DDNS. This way if there is an issue with the DDNS then we will be bypassing that. We don't want to be trouble shooting more then one problem at a time.

From computer A (office) have you tried to connect to C with PublicIP:3489?

One other thing i have to ask, did you setup the remote desktop options to allow connections and add the selected users on computer C?

One other thing to try, can you access computer C from computer B? if you can then we can start to narrow down the issues.

Also make sure you restarted computer C after you made the register change.

Try some of these things, often times you will have less issues trying to connect to a computer from your local area network, so i would really try to get connected to C from computer B. Once we get this we have really narrowed down the possibilities.
0
 
LVL 5

Expert Comment

by:ABLComputers
ID: 22849839
I am not sure if you have multiple computers on you LAN that you will like to RDP to; but if you do here's a work around.

On one LAN
Computer A RDP port 3389
Computer B RDP Port 3390
Etc, etc

Make the necessary changes in the firewall settings of each computer. Also open ports on your router.

For DDns service i sometimes use www.no-ip.org. this is only if the router cannot support DDNS service. this service is FREE

With these settings in place to connect to computer A from outside in RDP i put www.yourdomain.no-ip.org:3389 and for computer B www.yourdomain.no-ip.org:3390

I hope this works.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question