• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

Remote desktop trying to connect to workstation in a domain

My office WS03 server is a domain controller Sterling.Biz. All office client computers are in a workgroup "realty."  One workgroup computer is named "FOX" and another "MBPC."   Both workstations have static IP addresses behind a Linksys router.

From my home I can connect to "Sterling.Biz" using either the Domain Name, or the IP address.  However, I can not connect to either of the workgroup computers.   I have tried many formats like "Fox.Sterling.Biz" and "Fox.realty.Sterling.Biz" without success.  

Any suggestions appreciated.
0
FrankBabz
Asked:
FrankBabz
  • 6
  • 6
1 Solution
 
mmusurlianCommented:
It sounds as though you may have a domain controller in the env but the FOX and MBPC machines may not be part of the domain. Typically, when machines are joined to a domain, WG names do not exist.

Either way, when you are outside the local network, NAT (network address translation) comes into  play when you are behind a router. This would mean that you would need to have your router setup to point remote desktop requests (port 3389 by default) down to the inside address (Local) IP of the machine. You would also want to make sure any firewall on the machine and the router allows RDP through. Let me know if this helps or if you need more information...

0
 
FrankBabzAuthor Commented:
Thanks for the suggestions...  
>>point remote desktop requests (port 3389 by default) down to the inside address (Local) IP of the machine.<<
By machine, do you mean a wokstation?  If so, then wouldn't that negate reaching the server?  I need to reach the server as well as workstations from home.
In office FOX can remote connect to MBPC (and server) in the local LAN, so maybe it's OK to presume router allows RDP through?  And home to Server also connects.
0
 
mmusurlianCommented:
Sure... just curious , how many usable external IPs do you have? .. reason being most likely there is a NAT entry for the server now... for example all from 1.2.3.4 (external) for all to 10.1.10.1 (internal) on 3389 which would work... but once external IP 1.2.3.4 is used once for port 3389 you couldnt use that external IP again for the same port number.. you would either need to use a different external IP (which could then use 3389 again or different port number for the workstations using same external IP if you dont have more than one.

I hope this helps and/or makes sense... let me know if you need more info or a different example...

cheers!
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
FrankBabzAuthor Commented:
Thanks again....   Sorry, I don't understand enough to experiment, and will need to find another solution.  Maybe easier for me to eliminate the workgroup structure, but do not know what grief that might cause me.  
0
 
mmusurlianCommented:
no worries... is there something I can try to explain differently. You shouldnt need to do anything with the workgroup, the issue is more so getting Remote Desktop access from outside the local Lan right? As long as I am understanding you right, it should just be a matter of port forwarding from the existing linksys router... I can give you some ideas if you would like... for example how to change the RDP port of the WS.

For example : Default is 3389 but to change the RDP port of the workstation if needed (if only one external IP) -- once you do that you can use the same ext Ip and just foward the right internal IP to the corresponding machine.

Server: 3389
WS 1 : 3390
WS 2: 3391

Then you could use the same External Ip and specify port number for the machine you want:

for example: in remote desktop connection window
1.2.3.4 = 3389 (default) to internal 10.1.2.3
1.2.3.4:3390 for WS1  to internal 10.1.2.4 (port 3390)
1.2.3.4:3391 for WS2 to internal 10.1.2.5 (port 3391)

let me know if this helps == to change the port number on the WS is a simple reg key change

cheers!

Then
0
 
FrankBabzAuthor Commented:
I sort of understand (maybe?)....  

Assuming my office IP for Sterling.Biz is ."1.2.3.4".....  and, in the router my only change is toI forward port 3390 to 192.168,20.31 (the static IP for WS1) then I would be able to connect to WS1 using "1.2.3.4:3390"

I would still be able to connect to the server using "Sterling.Biz"  that remains at port 3389?

Could I also use "Sterling.Biz:3390" to connect to WS1?
0
 
mmusurlianCommented:
true - you would just want to make sure that your router will allow port 3390 from the outside also - but yes you have the right idea...

if sterling.biz = 1.2.3.4
you could use sterling.biz for Server
and sterling.biz:3390 for WS1

but you also need to change the RDP port on WS1 from 3389 to 3390

regedit
HKLM --> System - CurrentControlSet - Control - Terminal Server - WinStations - RDP-Tcp
look for key called "port number" -- should be 3389 - change it there -- reboot--machine will now listen for RDP on whatever port you change to.

NOTE - this means all RDP connections -- internal and external will not be on that port number.

Let me know if this helps!

0
 
FrankBabzAuthor Commented:
Not sure how: >>make sure that your router will allow port 3390 from the outside<<   What or who might restrict this?  My ISP is Comcast.

Is this specific to WS1?  In general, I am unclear what this implies? >>NOTE - this means all RDP connections -- internal and external will not be on that port number.<<   Who else would or might require this?  Did you mean all internal and external will be REQUIRED to use the new port number for RDP to WS1?   I am concerned other Terminal Service aps will be affected.

If I have 10 workstations, can I use 10 consecutive ports from 3390 -> 3399 (where is the stopping point?)

Thanks.... I am learning... and you are being most helpful.
0
 
mmusurlianCommented:
For example:
Server = 3389 (default) - no problem - you can access it straight away.
WS1 = 3390 - although you are changing the port so you can utilize one external IP for multiple machine access through RDP - the machine doesnt know the difference. So once you change the port number remember to use it whether you are internal or external just make sure to have ":port" in the RDP window.

You would just make sure in your router that you are forwarding the correct port to the correct internal IP address - If you had a router that supported external port to internal port mapping -- you would not have to do so much - you could specify an outside port to listen on for each one (3389-3390-3391, etc) then nat down to the inside IP and port number (3389) - thats what I have done for others (cisco router for example) - but linksys doesnt support this as of now - unless something has changed most recently.

As far as a stopping point, remember, with each one you change, you will need to remember that going forward.
0
 
FrankBabzAuthor Commented:
Thanks for the great guidance!
0
 
mmusurlianCommented:
Glad to help!
0
 
FrankBabzAuthor Commented:
Following your suggestions.... my remote desktops are all working.

Thanks again,
Frank
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now