Solved

VPN setup for Remote clients to use Remote Desktop 3389?

Posted on 2014-10-31
5
232 Views
Last Modified: 2014-12-01
I have a Windows 2008 R2 server in one location, MS RDS role, for our client's access.  

I have a few different clients from varying companies who are Firewalled blocked outbound from using port 3389.    Uphill battle getting the IT security policy modified.   We can assume these clients are all on Windows 7 Pro PCs or newer.

Can I use VPN to solve this?    Or alternatives?

What's the easiest way to setup VPN for this?    I only need 3389 to our one RDS server.   Our clients are at different companies.    Do we need a 3rd party involved such as Hamachi ?    And/or set up something with our Cisco 5505 router?
0
Comment
Question by:JReam
5 Comments
 
LVL 7

Expert Comment

by:Stampel
ID: 40415733
Yeah you could buy a fortinet box product (http://www.fortinet.com/) to handle VPN server for you and have them use forticlient to open secure tunnel to your application maybe ?
This could at least let them the choice between VPN or opening that port :)

Why fortinet ? Because configuration is easy.
0
 
LVL 15

Accepted Solution

by:
max_the_king earned 500 total points
ID: 40415749
Hi,
assuming your "Cisco 5505 Router" is rather a Cisco ASA 5505 Firewall, you can configure vpn remote access on it and install a cisco vpn client anywhere you like.
hope this helps
max
0
 
LVL 1

Author Comment

by:JReam
ID: 40415815
We have a Cisco 5505 ASA v05, running ASA ver 8.4(2) .    Is that what you wrote as being  "Cisco ASA 5505 Firewall".  
I really appreciate the assistance!
0
 
LVL 6

Expert Comment

by:Asif Bacchus
ID: 40417779
Perhaps I'm missing something here, and I'm not familiar with your particular router/firewall, but can't you simply NAT (more more specifically PAT) a different external port that internally translates to 3389 for RDP?  For example, at one company I work with, we redirect external 10000 to internal 3389 because the management team finds the number 10000 easier to remember.  Then on their RDP client, they simply enter <address>:10000 and our router translates this to <address>:3389 and everything is default from there.  I am not familiar with the Cisco 5505, but even the most basic routers have a NAT/PAT translation feature or 'port forwarding'.

Again, sorry if I misread or am missing something, but if not, port translation seems the easiest solution.
0
 
LVL 1

Author Closing Comment

by:JReam
ID: 40473795
Thanks, we're researching the VPN remote access features of the Cisco ASA , along with the AnyConnect client.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Remote Desktop Shadowing often has a lot of benefits. When helping end users determine problems, it is much easier to see what is going on, what is being slecected and what is being clicked on. While the industry has many products to help with this,…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now