VPN setup for Remote clients to use Remote Desktop 3389?

I have a Windows 2008 R2 server in one location, MS RDS role, for our client's access.  

I have a few different clients from varying companies who are Firewalled blocked outbound from using port 3389.    Uphill battle getting the IT security policy modified.   We can assume these clients are all on Windows 7 Pro PCs or newer.

Can I use VPN to solve this?    Or alternatives?

What's the easiest way to setup VPN for this?    I only need 3389 to our one RDS server.   Our clients are at different companies.    Do we need a 3rd party involved such as Hamachi ?    And/or set up something with our Cisco 5505 router?
LVL 1
JReamAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

StampelCommented:
Yeah you could buy a fortinet box product (http://www.fortinet.com/) to handle VPN server for you and have them use forticlient to open secure tunnel to your application maybe ?
This could at least let them the choice between VPN or opening that port :)

Why fortinet ? Because configuration is easy.
0
max_the_kingCommented:
Hi,
assuming your "Cisco 5505 Router" is rather a Cisco ASA 5505 Firewall, you can configure vpn remote access on it and install a cisco vpn client anywhere you like.
hope this helps
max
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JReamAuthor Commented:
We have a Cisco 5505 ASA v05, running ASA ver 8.4(2) .    Is that what you wrote as being  "Cisco ASA 5505 Firewall".  
I really appreciate the assistance!
0
Asif BacchusI.T. ConsultantCommented:
Perhaps I'm missing something here, and I'm not familiar with your particular router/firewall, but can't you simply NAT (more more specifically PAT) a different external port that internally translates to 3389 for RDP?  For example, at one company I work with, we redirect external 10000 to internal 3389 because the management team finds the number 10000 easier to remember.  Then on their RDP client, they simply enter <address>:10000 and our router translates this to <address>:3389 and everything is default from there.  I am not familiar with the Cisco 5505, but even the most basic routers have a NAT/PAT translation feature or 'port forwarding'.

Again, sorry if I misread or am missing something, but if not, port translation seems the easiest solution.
0
JReamAuthor Commented:
Thanks, we're researching the VPN remote access features of the Cisco ASA , along with the AnyConnect client.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.