• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 511
  • Last Modified:

Using VPN to access Terminal Server.

Hello Guys,

I need to test something...i have a domain controller on windows server 2003 and a terminal server on windows 2003 server too.  I would need to give outside users access to that terminal server.  I have only a dlink switch 24 ports...ADSL routers...
I have heard about VPN client and im new on that.  Can you please show me the best approach how to give those users access to my terminal server!!
Is there a free or trial VPN software available to test that?
For your information i will use private ip address for the testing...Will it affect the testing?

Thanks for your answers..
  • 2
2 Solutions
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
If "i will use private ip address for the testing" means you want to try it from inside your network - yes, that effects the test. You can test the terminal server connection in general, but not if is available for outside users.

For "publishing" the terminal server, you can use port forwarding for port 3389/tcp on your DSL router  - this will expose the terminal server to the public, however, and might be subject to attacks.

As you mentioned there are also VPNs as option. Windows OS implement a simple VPN protoocol server (PPTP), and that is what I would try to use here:
Set up Routing and Remote Access (RRAS) on a W2003 (or higher) server, and configure it for Remote Access (you will get asked by the Wizard, nothing complicated here to set up).
Then you'll need to allow port-forwarding for PPTP (1723/tcp) and GRE (protocol 47) on your DSL router - most have a specific "VPN passthru" setting, which bundles all necessary settings. The IP you need to provide is that of the RRAS server.
Having done that, you should be able to establish a VPN connection with the Windows client (just follow the Wizard here again), connecting against the public IP of your DSL router.

Warning! PPTP is flaky. In most cases, it just works, but you might encounter issues when trying with multiple connections, in particular from the same source (read: public IP). Troubleshooting is difficult, up to impossible. So it is worth a try and some fiddling, but if it does not work, we should try something different. In that case you should post details about the brand of your DSL router.
Larry Struckmeyer MVPCommented:
The best approach is to have a firewall that has a corresponding mobile VPN client and set the VPN from the VPN client to the firewall.  This provides the least overhead for the server and the greatest security for the data flow.
JohnBusiness Consultant (Owner)Commented:
I agree that a separate firewall with VPN capabilities is the best way to go. For small businesses, Juniper (e.g. SSG5) and Cisco (RV042G) make good, inexpensive VPN routers that work well and are reliable. I do this for my own clients.

.... Thinkpads_User
JohnBusiness Consultant (Owner)Commented:
@techlabtest - Thank you, and I was happy to help you with this.  ... Thinkpads_User
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now