Solved

RDP Port forwarding on Win 2008 server

Posted on 2013-01-31
4
752 Views
Last Modified: 2013-02-07
We have a Windows 2008 Standard R2 server that we use for RDP.  It was originally set up by an external consultant.  He did port forwarding on our firewall so that you would have to enter another port number other than 3389 when accessing the server (ex remote.domain.com:12345).

We are upgrading our firewalls and this firewall does not want to play nice with the port forwarding.  Is there a way for me to do the port forwarding directly on the server instead of through the hardware firewall?

Thanks!
0
Comment
Question by:jmerulla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 38842270
No there is not, and honestly, even port forwarding on the firewall is not a great solution.

If you are properly licensed and each connecting user has an RDS CAL, then you are already licensed to set up and use the RDGateway service. This is DESIGNED for this task. It will secure RDP sessions and proxy them via port 443, which almost every firewall in existence supports, no funky remapping required.
0
 
LVL 44

Expert Comment

by:Jackie Man
ID: 38842906
Does your ISP give you a range of real IP address?

If yes, try the following:

You can assign a real IP to the NIC of the server, so that you can assess the server by:

   Real IP:443

But, it is not a good practice as it will be difficult to maintain security.

OR

You can buy a NAS with router features and assign a real IP to the NAS and put the NAS into the DMZ of your network. Then, port forward to the server 2008 R2 from the NAS.
0
 
LVL 2

Author Comment

by:jmerulla
ID: 38844335
The Cisco ASA firewall has NAT set up for the RDP server so when staff try to connect from outside to externalip:nonrdppport it forwards to internalip:3389.  We've noticed that if we try to use that server for anything else on the ASA we get warnings about the port forwarding.

We don’t have the external ip address set up on the NIC of the server because staff sometimes have t access the RDP server internally  (quick way to work if having computer issues).
0
 
LVL 18

Expert Comment

by:Netflo
ID: 38844675
I agree with cgaliher, RDG is the best and secure way to go. You can configure it on the current RDS and need a single name certificate. You only need to map 443 TCP to the internal server. All other RDC icons will need to be updated to be aware of the gateway settings and away you go.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question