Poly11
asked on
Need to setup a secure RDP connection to a workstation.
Ladies and Gentleman,
I have a request from a technically savvy client who would like to setup a secure RDP connection to a workstation on his network. They don't want to use a service such as LogMeIn or GoToMyPC which is usually what I would recommend.
Is there a secure way to setup an RDP connection to a specific workstation that is secure? I believe that we'll need to NAT the address. Any suggestions will be greatly appreciated.
The workstation is running Windows XP Pro and is attached to a Windows 2008 R2 server.
Thanks
I have a request from a technically savvy client who would like to setup a secure RDP connection to a workstation on his network. They don't want to use a service such as LogMeIn or GoToMyPC which is usually what I would recommend.
Is there a secure way to setup an RDP connection to a specific workstation that is secure? I believe that we'll need to NAT the address. Any suggestions will be greatly appreciated.
The workstation is running Windows XP Pro and is attached to a Windows 2008 R2 server.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I agree with smckeown777 - the only secure way I can think to do it with a Windows XP OS would be VPN.
ASKER
Yes, this is from outside of the network. I'm thinking of recommending LogMeIn Hamachi. We have the LogMeIon Central edition which works great. The requester is very savvy, therefore I wanted to inquire if there is a better way. Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, with Hamachi we won't need to purchase any additional hardware. What are you thoughts about Hamachi?
No experience with it to be honest, but I do use Logmein so based on that product you're probably in good shape, yes no need for extra hardware
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We have LogMeIn Central and would use it as a commercial product.
Excellent, then you should be in good shape to use Hamachi. The only caveat with Hamachi, as opposed to traditional VPN, is that you will need to install the Hamachi client on both endpoints : one on your client's XP workstation, and another one on any machine he needs to access his workstation FROM. The latter is traditional, the former, is only a requirement of Hamachi, as it is binding the client with Hamachi's VPN network, not your internal's LAN's network ... A small price to pay if you ask me... still pretty secure. I use it a lot, no issues.
Once established, RDP connections are encrypted, even when just using WinXP. When connecting to WinXP though, you don't have the option of NLA to authenticate the machine you're connecting to before the session is established. Of course, you could have a man-in-the-middle attack, but this couldn't happen to your session in progress. You would be just as vulnerable here as if you used PPTP for VPN.