Solved

Netgear Firewall and RDP

Posted on 2014-03-14
11
324 Views
Last Modified: 2014-03-31
I have netgear firewall and I want to do two things.

1. Be able to allow RDP to all pcs, and I read below link and it tells me each pc must have static IP. Is it truth?

http://www.buildeasypc.com/category/software/port-forwarding-for-windows-remote-desktop-on-netgear-dg834ggtn-router.htm


2. Set up static IP to each PC

I did check the firewall and have the following information.

IP: 72.54.249.50
IP Subnet Mask: 255.255.255.252

Primary DNS: 66.180.85.111
Secondary DNS: 64.239.55.222

In the each pc that I am going to set up the IP. What should i fill in below:

IP Address:
Subnet Mask:
Default gateway:

Preferred DNS
Alternative DNS

Thanks
0
Comment
Question by:CoolDev2014
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +1
11 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 39930026
If you are trying to RDP from outside of you LAN (internet) ,you will need a static IP from your ISP or a dynamic dns account as most ISP's will give you a dynamic IP address that can change after a while of use.
0
 
LVL 96

Expert Comment

by:Experienced Member
ID: 39930044
I agree with the above in principle.

I have a Cisco RV042G VPN router in my home office. The ISP gives me a dynamic IP that changes but rarely. I set up tunnels to clients who have static IP addresses (businesses) and the tunnels stay up for a year or more before having to change the my home office IP in the client setups.

You can also use DYNDNS and that will do what you want on the dynamic end.

At least one end in your arrangement above must have a static IP address for workable results.

http://dyn.com/dns/
0
 

Author Comment

by:CoolDev2014
ID: 39930141
actually, I am trying to RDP INSIDE of the LAN.
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 96

Expert Comment

by:Experienced Member
ID: 39930159
See if your LAN firewall is in the way. Also make sure the target machine allows RDP connections (Computer, right click, Properties, Advanced System Properties, Remote Tab and make sure you have allowed Remote Desktop Connections to this computer.

You might try connecting to the IP address of the target computer (in case there is a firewall restrictions).

The two things (connect by IP; and enabling RDP connections) should work.
0
 

Author Comment

by:CoolDev2014
ID: 39930248
I try to RDP PC name, and static IP. Both ways are not working.
I already enable ALLOW remote in the target pc. The target pc is window 7 Starter.
0
 
LVL 36

Expert Comment

by:Kimputer
ID: 39930271
Check internal lan config, probably something like
IP:192.168.1.x (check netgear lan config)
Subnet:255.255.255.0
Gateway: netgear internal lan ip
Dns: netgear internal lan ip

All pc's must have a unique ip. Better make sure it's not in the dhcp range.

Now add rules in the netgear:
Firewall allow traffic to these ip's
Nat/virtual servers:
Assign every pc's ip to a different public port:
For example pc1 ip is 192.168.1.100 assign outside port 5001 to internal port 3389
Pc 2 ip outside port 5002 to inside 3389
Etc.

When you're outside, use:
72.54.249.50:5001
 to connect to the pc 1
72.54.249.50:5002
for pc 2 etc.
0
 

Author Comment

by:CoolDev2014
ID: 39930309
1. IP:192.168.1.x (check netgear lan config) ? where you want me to check?
0
 
LVL 36

Expert Comment

by:Kimputer
ID: 39930325
To know that, I have to know the exact model/type of your netgear device.
0
 

Author Comment

by:CoolDev2014
ID: 39930576
NETGEAR ProSafe™ Gigabit 8 Port VPN Firewall FVS318G
0
 
LVL 96

Expert Comment

by:Experienced Member
ID: 39930904
Also make sure you are using Windows Pro and not Home.

All computers should be on the same subnet. None should be connected to DMZ.

Can you easily PING any computer from any other computer?
0
 
LVL 36

Accepted Solution

by:
Kimputer earned 500 total points
ID: 39931986
Follow this guide: http://www.downloads.netgear.com/files/products/FVS318G/Documentation/RM/FVS318G_RM_27Aug10.pdf

Page 3-3. Here you can see your DHCP settings. Set the PC's you want to control to IP's outside this range. If you have a default setup, you can start with PC as IP 192.168.1.101, and PC2 as 192.168.1.102

Now go to page 4-24 to add a few customised services, like the previous example, 5001 for RDP1, 5002 for RDP2 etc.
Now page 4-5, add inbound rules for PC1 with IP 192.168.1.101, with the rule RDP1 (incoming port 5001), and make sure you use the Translate to Port number option and fill in 3389.
Add inbound rules for PC2 with IP 192.168.1.102, with the rule RDP2 (incoming port 5002), and make sure you use the Translate to Port number option and fill in 3389.
Continue for all other PC's.
You will now be able to connect to them all from outside with
public_ip_nr:5001 through 50xx (xx is how many PC's you've set up)
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses how to create an extensible mechanism for linked drop downs.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question