Solved

Connecting to the computer on Windows 2008 network remotely

Posted on 2013-01-29
12
302 Views
Last Modified: 2013-02-22
Hi,
 
  I have Windows 2008 Network with Windows 7 PCs on the network.
  Is it possible to remotely connect to the workstation PC directly (not to Terminal Server) from outside of the network using remote desktop?
  I know on SBS2011 network I can connect to a workstation PC via RD Gaetway Server Settings in Remote Desktop Connection.
  I am trying to avoid installing remote access programs such as Logmein  or TeamViewer or Port Forwarding setup  (like TCP 3390) on the router.

Thanks.
0
Comment
Question by:sglee
  • 6
  • 5
12 Comments
 
LVL 2

Expert Comment

by:jli168
ID: 38832742
Are you sitting behind firewall? Are you workstation on DHCP? I would recommend do port forwarding or you can one to one NAT if you have enough external ip.

JL
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 260 total points
ID: 38832823
Another possibility (more secure) would be to set up a secure VPN, either using your Windows server or your perimeter router, and have the users connect to the VPN. Once they're connected, they can use RDP through the VPN connection to their workstations.
0
 

Author Comment

by:sglee
ID: 38832844
@jli168
Are you sitting behind firewall? ---> no firewall. Just Linksys router
Are you workstation on DHCP? ---> Yes it gets IP address from Domain Controller (W2008 Svr)
I would recommend do port forwarding  ---> This is what I will do if there is no other option like in SBS2011 network.
0
 

Author Comment

by:sglee
ID: 38832870
@ hypercat

"Open VPN connection and run Remote Desktop to connect to internal PC" ---> That is a good idea. I did not even think about that.

Or ... we have a Windows 2008 Terminal Server. So the user can connect to theTerminal Server first and launch another remote desktop sessoin to connect to his/her office PC.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 38832906
Yes, as you say you could do it either way. However, for them to connect to the TS and then open a separate RDP session to their own workstation, working in an RDP window within an RDP window might be a bit confusing for the user.

If you already have a terminal server, I have to ask: Why do the users need to connect to their own PCs?  It seems rather redundant to say the least...
0
 

Author Comment

by:sglee
ID: 38832919
" It seems rather redundant to say the least... " ---> because they have some software on their desktop. Those software may not be compatible with TS or too complicated to setup/run on TS.
0
ScreenConnect 6.0 Free Trial

Check out the updates in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI that improves session organization and overall user experience. See the enhancements for yourself!

 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 38835373
I see your point.  I think the VPN/RDP direct to the user's desktop might be the better alternative. On the other hand, the terminal server solution does avoid your having to open more ports on your firewall.  And, depending on how they work, it might be more convenient for the users to connect to the terminal server, work on that platform, and then do another RDP from there to their own workstation.

In any case, you might want to think about security. If it's a concern at this firm that users shouldn't have access to each other's workstations, then you would want to be sure that each user has remote access permissions only to his/her own workstation.
0
 

Author Comment

by:sglee
ID: 38835510
I like both options (1) VPN/RDP  (2) TS/RDPtoWS  because they both allow local printing and full access to their computers.
They are both two step processes, but (1) VPN/RDP option requires RRAS setup whereas (2) TS/RDPtoWS is already there.
If I can verify local printing, I think I will go with (2) TS/RDPtoWS option for now.

Let me ask you guys:
So unlike SBS2011, there is no way to connect to the workstations from outside using Remote Gateway settings in remote desktop connection in Windows 2008 network?
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 260 total points
ID: 38836073
Come to think of it, if you're using the remote desktop gateway feature of the Windows 2008 remote desktop services setup, then you should be able to allow users to connect to their own workstations remotely through that gateway.  I've never done it for any of my clients, since the issue hasn't come up and I'm not a big fan of having users connect to their own desktops remotely for security reasons.  But I have tested it and it works.  You'd need to add the workstations to whatever connection group you've set up in your TS Gateway RAP (resource access policy) and then they could connect directly their workstations using the terminal server as a gateway.

Here's an article just on TS RAPs.  If you're not familiar with the concept and/or aren't using the TS Gateway features of your Windows 2008 remote desktop services, then you'll have to do additional reading:

http://technet.microsoft.com/en-us/library/cc772397(v=WS.10).aspx
0
 

Author Comment

by:sglee
ID: 38846792
Let me try to setup separate Windows 2008 Server as a Virtual Machine on a test server and install TS Gateway feature. I will post the result.
0
 

Author Comment

by:sglee
ID: 38919335
For now, I decided to go with VPN / RDP solution.
I will try setting up  install TS Gateway features on Windwos 2008 Server later.
Thnaks for your help.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 38919443
You're welcome, and good luck with this project!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now