remote desktop solution

Posted on 2011-10-31
Last Modified: 2012-05-12
We have couple branch office in different location
Total remote user are about 15 to 20
They are using remote desktop to connect our terminal server
I am not sure this is safe because anybody could connect our terminal server if they know
public IP and user name and password.
Is there any other way to connect using remote deskop such as mac address or others ?
and Also we are willing to pay remote solution, what is most safy and popular soulation?

Thank you
Question by:chungsterp
    LVL 89

    Accepted Solution

    >>> anybody could connect our terminal server if they know public IP and user name and password.

    Yes, of course.

    A better way is to put an IPSec VPN router in your offices. I am not clear if the users are remote to any office or if it is just the offices you wish to connect. But assuming the latter, implement VPN between branches and that will secure it. You can also remote into such a setup . .... Thinkpads_User
    LVL 6

    Assisted Solution

    Configuring a site-to-site VPN would ensure a secure solution for your branch office. If you have telecommuters or road-warriors, you would also need to implement a client-server VPN solution.

    A poor-mans solution would be to change the port number in the inbound connections by using PAT (port address translation) on your firewall.

    EX: configure your firewall to except connections from port 45500 (or any high port number) and translate 45500 to 3389 using PAT.  When a user goes to connect using the RDP client, have them append :45500 to the end of the URL or IP.  such as "" or "". This doesn't stop people you don't want from still getting in, but they would now need to know the port number as well.  If you have an IPS/IDS solution on the firewall, any port scans would be blocked and a scan for open ports probably wouldn't be found easily.
    LVL 77

    Assisted Solution

    by:Rob Williams
    Though I agree a proper VPN solution is the best option tsmvp has a very slick little tweak for "Customizing the Remote Desktop Connection Client" that has always impressed me, and adds some security:
    LVL 89

    Expert Comment

    by:John Hurst
    Thank you and I was pleased to assist. .... Thinkpads_User

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
    Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
    This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
    This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now