• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2767
  • Last Modified:

FQDN for remote desktop access

I'm trying to have 2 people with remote desktop connections through my firewall. I set a rule in my netgear router for UDP port 3389 to access (or .6 for the other computer) either computer works fine by itself if I type xx.xx.xxx.xx (my static IP address that is in the router settings) in the Computer section of the remote desktop connection box and then put the user name the same as their log in name to windows. First, I keep hearing I need to put  the FQDN in the "Computer" box, but I don't know how to figure out what it is.
Since I have two computers, I changed the listening port to 3390 for the second computer. Now is when I believe I need the FQDN to put in the "computer" box, and then the "user name' box will be the windows log in. Am I correct? I know it needs to be something like "computer.fabrikam.com:3390. I don't host my domain from here so I don't know what the "name' is. I tried xx.xx.xxx.xx:3390 (using my method above), but it doesn't work.
2 Solutions
The FQDN is your computer complete DNS name for example computer.domain.local. in your private domain. If you try to connect to a computer from outside with PAT, you will have to connect with you external public IP adress, the one you have on you router's Internet side. By the way, RDP uses TCP 3389 and not UDP 3389.
You should have two PAT rules : on external port 3389 access on port TCP 3389
                                                       on external port 3390 access on port TCP 3389
Don't forget to create rules in the firewall art of your routers if any.
Then you connect from the ouside using your "publicIPadress":3389 if you want to connect to or "publicIPadress":3390 if you want to connect to
Good luck.
Okey Dokey,

It's not as bad as it sounds - I think.
I suspect you don't actually have a domain controller running on your network just two normal PC's
In this case you might just want to use the computer name and the username eg:


then put your password in the box below.

Eraser63 is offering you good advice, its important NOT to map two computers services to the same port on your router as the router will not know which computer to forward your request to, so it is important to follow his advice there if you want to get both machines running.

A free service you might want to bear in mind is DYNDNS.org, you can sign up with them and create a new host name for yourself.

If you download their utility, every time your computer connects up to the Net it will register your WAN IP with their servers. You can then use a free DNS name to access your computer/s it would look something like this:


It's just easier than typing youe IP address. Not only that is also means you don't have to have a static IP address which might just save you some money with your ISP.

Once you have followed Eraser63's instructions you will be able to do something like:

http://mynameorcompany.dyndns.org:3389  (Which will take you to computer 1)
http://mynameorcompany.dyndns.org:3390  (Which will take you to computer 2)

All the best
Sci-Fi Si

brianhaugAuthor Commented:
Thanks so far, but I still have a problem. It all comes down to the router. I can log in on port 3389 with no problem. If I change the local IP setting ( or 6) for the rule, I can go to either computer. I log on using myname.dyndns.org:3389 and it works fine. I add a service to my router (netgear FWAG114) with type TCP/UDP, start port 3391 (I've tried 3388 &3390 also) end port 3391. I then try to log on using myname.dyndns.org:3391 and it doesn't work (even with the rule for port 3391 going to the local computer Any thoughts????
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now