Solved

Chage RDP listening port on a computer that is a member of a domain

Posted on 2010-08-18
14
369 Views
Last Modified: 2013-11-21
I have a brand new, just built windows 7 ultimate x64 machine that I want to connect to via RDP on a port other than 3389.  I already changed the "PortNumber" registry key.  I've tested several different ports and ip addresses to check for conflicts.  I've found several articles implying that there is more to be done if a workstation is a member of a domain (this workstation is).  Please lend me your expertise!
0
Comment
Question by:willmarple
  • 5
  • 3
  • 3
  • +2
14 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 33465575
Make sure whatever port you put it on has an exception in the firewall (why are you doing this?  How are you connecting?  Is this open to the internet so I could hack it easily if I were to find the right IP?  Aren't you using VPN and if not, why not?
0
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33465714
Yes, try it internally and see if it works.  if it does, then open the required port in the firewall.  As Leew says though, you should be putting any connections in over a VPN, changing the port number and allowing multiple connections through the router is insecure.

Make sure you check your firewall profiles.

The whole on a domain off a domain difference is rubbish, its only the authentication that changes, the principles of RDP remain the same.
0
 

Author Comment

by:willmarple
ID: 33465718
The client wants to access the whole desktop, not just connect to server applications or shares of data.  Would using rdp over a vpn work just as well as this method?  There are multiple computers in the target LAN that are being rdp'ed in to.The first can obviously use 3389 but there are roughly 3 others that need to be configured to use a different port.  I will check the firewall.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 3

Expert Comment

by:robertodeacruz
ID: 33465729
After you change the port in the registry, you restarted your computer?
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 33465767
If you use a VPN, you have a more secure connection between the the remote computer and the target network.  Once connected to the VPN, you would connect via RDP as you would if you were local.  No port mappings needed.

Is this a Small Business Server domain?  If so, you should be using Remote Web Workplace.
0
 

Author Comment

by:willmarple
ID: 33465808
@Coast-IT

I thought that the domain thing was rubbish.  I know the authentication changes but didn't know if there was some magical change that takes place when adding computer to a domain that affects rdp.  I will definitely make the recommendation to the client to use vpn.  However, I'm pretty sure that he's not going to go for buying any hardware so a software vpn using routing and remote access on their dc would be the only option.  What are your opinions about this as I'm sure a point to point hardware vpn with encryption would be the most secure?
0
 

Author Comment

by:willmarple
ID: 33465858
@leew

They have Server 2008 R2 Standard on a new dell r710.  It's their only server though.  So remote web workspace is not available in this version?  Also I am not familiar with it, I'm assuming this is just a web based version of rdp?  Why is is better, does it use secure http?
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 168 total points
ID: 33465949
Well, since they don't have SBS, they don't have it - Remote Web Workplace is an SSL web site that provides one location to log into on the web to access via RDP client computer, to access web mail, and sharepoint files.  Google RWW or "Remote Web Workplace" for more information, but since you don't have SBS, it's simply not available.
0
 
LVL 31

Assisted Solution

by:Cláudio Rodrigues
Cláudio Rodrigues earned 166 total points
ID: 33466225
I use RRAS on a daily basis on my 2008 DC. Works perfectly and IMHO is as good as any other solution. And as you know it is part of the OS so if you already have it, it is free.

Cláudio Rodrigues
Microsoft MVP - Remote Desktop Services
Citrix CTP
0
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33469477
Yea, agreed, RRAS is fine to use if it's the only option and I too have set it up on DCs when it's the only option.

His current firewall maybe capable of some simple VPN capabilities though, have you checked it out?
0
 

Author Comment

by:willmarple
ID: 33469516
It's a dinky linksys.  I'm not sure that it's even one of the models that are capable of vpn.  Even if it were, we would have to buy an identical one for the other endpoint because they certainly don't support software vpn clients to connect do they?
0
 
LVL 11

Assisted Solution

by:Coast-IT
Coast-IT earned 166 total points
ID: 33470382
No they dont, looks like it's RRAS or replacement router/firewall.
0
 

Author Comment

by:willmarple
ID: 33939428
I agree with your proposal.  Please close this question as you have suggested.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Know what services you can and cannot, should and should not combine on your server.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question