Solved

Connecting to the computer on Windows 2008 network remotely

Posted on 2013-01-29
12
307 Views
Last Modified: 2013-02-22
Hi,
 
  I have Windows 2008 Network with Windows 7 PCs on the network.
  Is it possible to remotely connect to the workstation PC directly (not to Terminal Server) from outside of the network using remote desktop?
  I know on SBS2011 network I can connect to a workstation PC via RD Gaetway Server Settings in Remote Desktop Connection.
  I am trying to avoid installing remote access programs such as Logmein  or TeamViewer or Port Forwarding setup  (like TCP 3390) on the router.

Thanks.
0
Comment
Question by:sglee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 2

Expert Comment

by:jli168
ID: 38832742
Are you sitting behind firewall? Are you workstation on DHCP? I would recommend do port forwarding or you can one to one NAT if you have enough external ip.

JL
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 260 total points
ID: 38832823
Another possibility (more secure) would be to set up a secure VPN, either using your Windows server or your perimeter router, and have the users connect to the VPN. Once they're connected, they can use RDP through the VPN connection to their workstations.
0
 

Author Comment

by:sglee
ID: 38832844
@jli168
Are you sitting behind firewall? ---> no firewall. Just Linksys router
Are you workstation on DHCP? ---> Yes it gets IP address from Domain Controller (W2008 Svr)
I would recommend do port forwarding  ---> This is what I will do if there is no other option like in SBS2011 network.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:sglee
ID: 38832870
@ hypercat

"Open VPN connection and run Remote Desktop to connect to internal PC" ---> That is a good idea. I did not even think about that.

Or ... we have a Windows 2008 Terminal Server. So the user can connect to theTerminal Server first and launch another remote desktop sessoin to connect to his/her office PC.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 38832906
Yes, as you say you could do it either way. However, for them to connect to the TS and then open a separate RDP session to their own workstation, working in an RDP window within an RDP window might be a bit confusing for the user.

If you already have a terminal server, I have to ask: Why do the users need to connect to their own PCs?  It seems rather redundant to say the least...
0
 

Author Comment

by:sglee
ID: 38832919
" It seems rather redundant to say the least... " ---> because they have some software on their desktop. Those software may not be compatible with TS or too complicated to setup/run on TS.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 38835373
I see your point.  I think the VPN/RDP direct to the user's desktop might be the better alternative. On the other hand, the terminal server solution does avoid your having to open more ports on your firewall.  And, depending on how they work, it might be more convenient for the users to connect to the terminal server, work on that platform, and then do another RDP from there to their own workstation.

In any case, you might want to think about security. If it's a concern at this firm that users shouldn't have access to each other's workstations, then you would want to be sure that each user has remote access permissions only to his/her own workstation.
0
 

Author Comment

by:sglee
ID: 38835510
I like both options (1) VPN/RDP  (2) TS/RDPtoWS  because they both allow local printing and full access to their computers.
They are both two step processes, but (1) VPN/RDP option requires RRAS setup whereas (2) TS/RDPtoWS is already there.
If I can verify local printing, I think I will go with (2) TS/RDPtoWS option for now.

Let me ask you guys:
So unlike SBS2011, there is no way to connect to the workstations from outside using Remote Gateway settings in remote desktop connection in Windows 2008 network?
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 260 total points
ID: 38836073
Come to think of it, if you're using the remote desktop gateway feature of the Windows 2008 remote desktop services setup, then you should be able to allow users to connect to their own workstations remotely through that gateway.  I've never done it for any of my clients, since the issue hasn't come up and I'm not a big fan of having users connect to their own desktops remotely for security reasons.  But I have tested it and it works.  You'd need to add the workstations to whatever connection group you've set up in your TS Gateway RAP (resource access policy) and then they could connect directly their workstations using the terminal server as a gateway.

Here's an article just on TS RAPs.  If you're not familiar with the concept and/or aren't using the TS Gateway features of your Windows 2008 remote desktop services, then you'll have to do additional reading:

http://technet.microsoft.com/en-us/library/cc772397(v=WS.10).aspx
0
 

Author Comment

by:sglee
ID: 38846792
Let me try to setup separate Windows 2008 Server as a Virtual Machine on a test server and install TS Gateway feature. I will post the result.
0
 

Author Comment

by:sglee
ID: 38919335
For now, I decided to go with VPN / RDP solution.
I will try setting up  install TS Gateway features on Windwos 2008 Server later.
Thnaks for your help.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 38919443
You're welcome, and good luck with this project!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question