

Need explanation on static IP's, port forwarding to multiple machines, and how to set up my network

Medium Priority
Last Modified: 2013-12-24
I currently have a static IP via business class DSL.  I have a Motorola DSL modem connected to Linksys VPN wireless router, and then 2 gigabit switches.

The router has 1 of my 5 static IP's on the internet.

Behind that I have multiple machines including 2 Win2K8 servers.  One is our business server which I run Terminal Services off of so we can run Quickbooks for on site billing.

The other server is a test server which also runs TS, and a few other applications that I use to demo with.  I have both servers set static on the local LAN.  

To switch between them before I was going into the router remotely and changing the port forward from 1 ip to the other but now I want to be able to access both, at the same time.

I added an A record that points to my static IP, remote.xxxxxxx.xxx.  

How do I set this up so that I can access either box from the internet?  If the router itself has a static IP, how can I assign the box beyond the router one of my other 4 static IP's?  How will it route?

I've thought of changing the ports on each so RDP protocol on 1 port would be through 1 box, and another port on the other but since this is for demo'ing I don't want to reconfigure client machines to try out the demo server.

I understand how the router works, the confusion comes in on how does 1 static IP route through another?  If my static IP's are:

And the .1 is my main IP assigned to the router, how can I assign one of the Win2K8 boxes the .2 address, how would it know to route there?

What I'd really like is to add another A record with test.xxxxxx.xxx so people can resolve to a domain name but again if I point it to one of my other 4 available address, how do I configure the router?


Top Expert 2013
From an earlier post of mine:
Connecting to multiple computers or servers, on the same network, from a remote location, using Windows Remote Desktop.

There are several ways to accomplish this. Method 1 allows multiple users to connect to multiple PCs or servers for various reasons. The other 3 methods are intended for management purposes.

Should you be using Small Business Server, none of this is necessary as you can make use of the built-in Remote Web Workplace service which works extremely well, and is very easy to set up. Option #4 is also integrated with a default install of SBS.

Method 1:
This will not work if the server has 2 network adapters, one external and one internal, and the other PC's and servers are behind the server.

Depending on your router you may have 2 options.
1) Some routers when configuring port forwarding allow you to map an external port to an internal port. So you could map a different external port for each PC or server to the appropriate device and port 3389. For example:
  Computer #1: on the router forward port 3389 to port 3389 on IP
  Computer #2: on the router forward port 3391 to port 3389 on IP
  Computer #3: on the router forward port 3393 to port 3389 on IP
  Computer #4: on the router forward port 3395 to port 3389 on IP
When connecting from the remote site in the connection window of the remote desktop connection manager you would enter the WAN IP and the port #, separated by a colon such as:

2) If the router doesn't allow mapping external to internal ports, then you still assign each computer a different external port, but map that directly to the appropriate PC or server. However, in this case you have to change the listening port on each computer or server. Instructions on changing the listening port can be found at:
Though the router in this case does not show external and internal ports, it changes the mapping to effectively be:
  Computer #1: on the router forward port 3389 to port 3389 on IP
  Computer #2: on the router forward port 3391 to port 3391 on IP
  Computer #3: on the router forward port 3393 to port 3393 on IP
  Computer #4: on the router forward port 3395 to port 3395 on IP
Again when connecting from the remote site, in the connection window of the remote desktop connection manager you would enter the WAN IP and the port #, separated by a colon such as:

Method 2:
If you simply want to access multiple PC's or servers for management purposes, you can connect to the computer for which you have already set up port forwarding and remote desktop. Then, once connected, establish a connection from that computer to another computer on the same network using another remote desktop session within that window. In effect you are running a remote desktop session within a remote desktop session. As odd as it sounds it actually works very well.

Method 3:
Again if you are doing this for management purposes only, you can log onto a single PC or server using a typical Remote desktop connection and port forwarding, but on that unit install the Server 2003 Adminpak. This includes a "snap-in" management console that allows you to create and save connections for some or all of your devices. You can connect to one device or switch back and forth in the console window to different PC's and servers.

Method 4:
Much the same as #3, however using a different tool; there is an Active directory add-on called rControlAD which adds a right click option on the context menu for any computer listed in Active Directory Users and Computers, such that you just right click on the computer name and choose "Remote Control".

Method 5:
Only available with Server 2008: you can enable Terminal Server Gateway services, which allow a web portal to all PC's/servers using a secure connection over SSL (port 443).
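Options 1 and 2 of Method 1, worked through as an added example that is not part of the original answer: given a list of forwards, it reports the port each machine must listen on and the address a remote user types, and it rejects two machines sharing one external port. The WAN address 203.0.113.10, the 192.168.1.x LAN addresses and all names are constructed for illustration.

```python
from dataclasses import dataclass

RDP_DEFAULT = 3389  # default Remote Desktop listening port


@dataclass(frozen=True)
class Forward:
    name: str           # label for the machine (hypothetical)
    external_port: int  # port opened on the router's WAN side
    internal_ip: str    # LAN address of the machine


def plan(wan_ip, forwards, router_translates_ports):
    """Return one row per machine: the port it must listen on and
    the address:port a remote user enters in the RDP client."""
    owner_of_port = {}
    rows = []
    for f in forwards:
        if not 1 <= f.external_port <= 65535:
            raise ValueError(f"{f.name}: invalid port {f.external_port}")
        # One WAN IP can hand a given external port to one machine only.
        if f.external_port in owner_of_port:
            raise ValueError(
                f"{f.name} and {owner_of_port[f.external_port]} "
                f"both claim external port {f.external_port}")
        owner_of_port[f.external_port] = f.name
        # Option 1: the router rewrites the port, so every machine keeps 3389.
        # Option 2: the port passes through unchanged, so the machine's own
        # listening port has to be changed to match the external port.
        listen = RDP_DEFAULT if router_translates_ports else f.external_port
        # The client assumes 3389 when no port is given.
        connect = (wan_ip if f.external_port == RDP_DEFAULT
                   else f"{wan_ip}:{f.external_port}")
        rows.append({"name": f.name, "internal_ip": f.internal_ip,
                     "listen_port": listen, "connect_to": connect})
    return rows


if __name__ == "__main__":
    # Constructed sample: two servers behind one public address.
    sample = [Forward("business", 3389, "192.168.1.10"),
              Forward("test", 3391, "192.168.1.11")]
    for translates in (True, False):
        print("router translates ports:", translates)
        for row in plan("203.0.113.10", sample, translates):
            print("  ", row)
```
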

All very good information, and nothing less than one would expect from a Genius.  ;)
 I would add one or two points that weren't covered by RobWill:  if your primary concern is making use of your additional static IP's rather than working with multiple TS connections, then you are going to need a new router.
 The Linksys SOHO routers are good little appliances; we have many customers using them and have at least one operational at our shop.  But they don't have the capability of handling multiple public IP addresses.
 There are two ways you can make use of your additional public IP addresses:
 Install a business class router (Cisco, Linksys Business Class, Nortel, etc.).  You will need to do some research to find the one that best suits your needs.
Install a small switch in front of your router.  Your DSL modem would be connected to the uplink port of the switch, then your Linksys router's WAN port would be connected to one of the other switch ports.  To use an additional IP address, connect another router to the switch (another Linksys would work fine), configure it for the next public IP address, and put anything you want to use that IP address behind the new router.
 Of course, the simplest and least expensive solution to accessing multiple Terminal Servers at once would be one of the ones RobWill laid out.  But since you have the multiple IP addresses, you may want to use them some day (for a hosted network, or WiFi hotspot, for example).
Argh!  My numbering disappeared!

There should be a number one ("1") in front of "Install a business class router..."  And a number two ("2") in front of "Install a small switch..."; indicating these are alternatives.

<sigh>  There should also be a blank line before "Of course, the simplest...".

Hopefully those corrections will make that jumble a bit easier to read.



Thanks for all the replies.

Ok that answers my questions...I'll set up the TS gateway on my main server that can pass through to my test server when needed.

However it now leads to more questions.

I have my own domain name and I've set the TS server to that domain, remote.xxxxxx.xxx.  Now I have to set the domain on both TS's, but they would need to be different.

If I register something like test.xxxxxx.xxx to point to the same IP for my test server, does the Gateway split all that irregardless of the IP?

Guess that's a question for the TS area.  The info you both provided is good enough for me to get going, especially realizing that it is a hardware function that handles multiple IP's over a single line and I might need to invest in better stuff.
Top Expert 2013

Best to post a new question in the TS area, but you have external and internal domain names. The most common example would be MyDomain.com for external and MyDomain.local for internal. Your external remote.MyDomain.com would point only to the TS gateway or a router and forward the traffic to the TS gateway. The gateway then manages all traffic internally to the various machines/servers using their local NetBIOS (common) name. You only need the one external connection with TS Gateway.

The following should be of some help: "TS Gateway Step-by-Step Guide"

Thanks eric_ptek.
