Remote Desktop points to a local address. Why not public static address?

I just got a new customer but I'm afraid I'm in over my head.

They have a server at office A, and at office B in a different town they are connecting to a Terminal Services session to run medical software. Each office has a CISCO 800 series router, not sure yet of the exact model, but will update.

My problem is that the Remote Desktop Connection at office B shows that it is connecting to the local server address (192.168.150.1) and NOT the public static IP address that is provided by the ISP (Optimum online cable).

I'm not that familiar with CISCO routing, and I assume that the router at office B is translating the local 150.1 into the public IP address, but why would it be set up that way (assuming I'm correct)? Why not just have the Remote Desktop Session point to the static Public IP?
bricar1 (President) asked:

wingkchan commented:
The two offices are probably connected by a VPN, so office B computers appear to be a local internal IP.
TasticVNT commented:
Hello Bricar1,

I don't feel there is enough information to give you a solid answer, but one thing comes to mind that I think you should check.

Just to clarify, you stated that you have a server at 'Office A,' and a server at 'Office B' in completely different towns. Obviously, these networks need to communicate with each other, but communicate with each other securely... probably via VPN (Virtual Private Network) utilizing PPTP but most likely L2TP over IPSec due to its superior security advancements.

You stated that the remote desktop connection at 'Office B' in a different town is connecting to the 'Local Server Address': 192.168.150.1, not the Public IP address (External IP Address as well). I'm not sure if the 'Local Server Address' you're referring to is at 'Office B' or 'Office A.' Based on the context, I'm assuming you meant 'Office B.'

Here's my suggestion:

1) Open up network devices in control panel and check to see if there is a 'VPN Connection' accepting incoming connections... something of that nature.  If there is, the IP it is pointing to may be the VPN utilized to network 'Office A' with 'Office B' which goes on a separate virtual network.

2) If the Remote Desktop Connection is pointing to a local address, but connecting to a remote/offsite system, then the network is most likely already 'OPERATING' to its own personal VPN.

3) The Cisco 800 Series Router is a VPN router, so open up the admin page and check the VPN settings. If it's enabled, it's another strong clue that you're currently utilizing a VPN network and explains why the RDC connection is pointing to a local address.

4) There's a good reason why you don't want to point your RDC to the 'Public IP Address' (especially in business environments): security and inconvenience. The default RDC port is 3389, so if you connect to the Public IP Address, you'll most likely request an RDC connection with the server, not the client machines & data resources you wish to access. If you have two remote server networks with several clients, then you would have to change the default RDC listening port from 3389 to something like 3390, 3391, 3392, etc. In which case, you would connect to the client machine on an offsite/remote network by entering an IP following this syntax: <192.168.150.1:3390> or <192.168.150.1:3391> etc. This is inconvenient because you have to go into the registry to change the default RDC listening port on every client machine you wish to access remotely. More importantly, your connection will most likely not be encrypted if you're not connected via a virtual private tunnel that provides top-notch security from prying eyes.

Furthermore, you'll have to set up port-forwarding via your router/firewall so that when an RDC request comes in pointing to say: <192.168.1.10:3392>, you'll have to forward TCP Port 3392 to: <192.168.1.10>. All in all, this may work alright in home situations, but definitely not ideal under business conditions.

A VPN network will connect to 'unlike' networks, ideally with completely separate subnets to merge as one virtual private network utilizing its own unique networking IP schema.  

So let's say for example the VPN network utilized this network scheme 10.20.30.0/24. Client machines on the last octet utilize .1, .2, .3, etc. You would then be able to access all network resources by working on the same virtual private network.

I hope this points you in the right direction.

-T
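
As an added example (not part of the original thread or any poster's code): a Python audit of saved Remote Desktop `.rdp` files that reads the `full address` setting, splits off an optional `:port`, and reports whether the target is an RFC 1918 private address (reachable only over the LAN or a site-to-site VPN, as in the question) or a public one that depends on RDP being forwarded from the Internet. The file names, the documentation address 203.0.113.10 and the host name are constructed sample values; IPv4 addresses and host names only are assumed.

```python
import ipaddress

DEFAULT_RDP_PORT = 3389
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample .rdp contents, keyed by a made-up file name.
SAMPLE_RDP_FILES = {
    "office-b-server.rdp": "screen mode id:i:2\nfull address:s:192.168.150.1\n",
    "client-alt-port.rdp": "full address:s:192.168.150.1:3390\n",
    "direct-public.rdp": "full address:s:203.0.113.10:3392\n",
    "by-name.rdp": "full address:s:ts01.example.internal\n",
}

def parse_target(rdp_text):
    """Return (host, port) from the 'full address:s:' setting, or None."""
    for line in rdp_text.splitlines():
        name, _, rest = line.partition(":")
        kind, _, value = rest.partition(":")
        if name.strip().lower() != "full address" or kind != "s":
            continue
        value = value.strip()
        host, sep, port = value.rpartition(":")
        if sep and port.isdigit():
            return host, int(port)          # explicit host:port form
        return value, DEFAULT_RDP_PORT      # no port given, default 3389
    return None

def classify(host):
    """'private' for RFC 1918, 'public' for other IPs, 'hostname' otherwise."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"                   # needs DNS resolution to judge
    return "private" if any(addr in net for net in RFC1918) else "public"

def audit(files):
    """Map file name -> (host, port, scope) for every file with a target."""
    findings = {}
    for name, text in files.items():
        target = parse_target(text)
        if target is not None:
            host, port = target
            findings[name] = (host, port, classify(host))
    return findings

if __name__ == "__main__":
    for name, (host, port, scope) in audit(SAMPLE_RDP_FILES).items():
        print(f"{name}: {host}:{port} -> {scope}")
```
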
