Chage RDP listening port on a computer that is a member of a domain

I have a brand new, just built windows 7 ultimate x64 machine that I want to connect to via RDP on a port other than 3389.  I already changed the "PortNumber" registry key.  I've tested several different ports and ip addresses to check for conflicts.  I've found several articles implying that there is more to be done if a workstation is a member of a domain (this workstation is).  Please lend me your expertise!
willmarpleAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lee W, MVPTechnology and Business Process AdvisorCommented:
Make sure whatever port you put it on has an exception in the firewall (why are you doing this?  How are you connecting?  Is this open to the internet so I could hack it easily if I were to find the right IP?  Aren't you using VPN and if not, why not?
0
Coast-ITCommented:
Yes, try it internally and see if it works.  if it does, then open the required port in the firewall.  As Leew says though, you should be putting any connections in over a VPN, changing the port number and allowing multiple connections through the router is insecure.

Make sure you check your firewall profiles.

The whole on a domain off a domain difference is rubbish, its only the authentication that changes, the principles of RDP remain the same.
0
willmarpleAuthor Commented:
The client wants to access the whole desktop, not just connect to server applications or shares of data.  Would using rdp over a vpn work just as well as this method?  There are multiple computers in the target LAN that are being rdp'ed in to.The first can obviously use 3389 but there are roughly 3 others that need to be configured to use a different port.  I will check the firewall.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

robertodeacruzCommented:
After you change the port in the registry, you restarted your computer?
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
If you use a VPN, you have a more secure connection between the the remote computer and the target network.  Once connected to the VPN, you would connect via RDP as you would if you were local.  No port mappings needed.

Is this a Small Business Server domain?  If so, you should be using Remote Web Workplace.
0
willmarpleAuthor Commented:
@Coast-IT

I thought that the domain thing was rubbish.  I know the authentication changes but didn't know if there was some magical change that takes place when adding computer to a domain that affects rdp.  I will definitely make the recommendation to the client to use vpn.  However, I'm pretty sure that he's not going to go for buying any hardware so a software vpn using routing and remote access on their dc would be the only option.  What are your opinions about this as I'm sure a point to point hardware vpn with encryption would be the most secure?
0
willmarpleAuthor Commented:
@leew

They have Server 2008 R2 Standard on a new dell r710.  It's their only server though.  So remote web workspace is not available in this version?  Also I am not familiar with it, I'm assuming this is just a web based version of rdp?  Why is is better, does it use secure http?
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
Well, since they don't have SBS, they don't have it - Remote Web Workplace is an SSL web site that provides one location to log into on the web to access via RDP client computer, to access web mail, and sharepoint files.  Google RWW or "Remote Web Workplace" for more information, but since you don't have SBS, it's simply not available.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cláudio RodriguesFounder and CEOCommented:
I use RRAS on a daily basis on my 2008 DC. Works perfectly and IMHO is as good as any other solution. And as you know it is part of the OS so if you already have it, it is free.

Cláudio Rodrigues
Microsoft MVP - Remote Desktop Services
Citrix CTP
0
Coast-ITCommented:
Yea, agreed, RRAS is fine to use if it's the only option and I too have set it up on DCs when it's the only option.

His current firewall maybe capable of some simple VPN capabilities though, have you checked it out?
0
willmarpleAuthor Commented:
It's a dinky linksys.  I'm not sure that it's even one of the models that are capable of vpn.  Even if it were, we would have to buy an identical one for the other endpoint because they certainly don't support software vpn clients to connect do they?
0
Coast-ITCommented:
No they dont, looks like it's RRAS or replacement router/firewall.
0
willmarpleAuthor Commented:
I agree with your proposal.  Please close this question as you have suggested.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.