Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Remote Desktop RDP to 3 PCs using a different Port per PC?

Posted on 2015-01-05
17
Medium Priority
?
120 Views
Last Modified: 2015-01-10
Hello Experts,

I just setup a New SonicWall TZ105  at a client.

They have 2 PCs and a Server, XX-FS1, XX-PC1 & XX-PC2

I need to configure RDP to each PC from externally.

I used the Wizard in the Sonicwall and it works for 1 PC but never for the next one.

I Know I need to create a new Port of each PC like 3390, 3391 & 3392 But I cannot get it to work.

I've tried this: http://www.experts-exchange.com/Security/Software_Firewalls/Q_28150334.html#a39228321

But I cannot get it to work.

Can you please provide Step by Step commands to configure my TZ 105 ?

Thanks,

Lasareath
0
Comment
Question by:Lasareath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
17 Comments
 
LVL 25

Expert Comment

by:NVIT
ID: 40532752
Note: I use X3 for my WAN port. Yours may differ.

1. Open Firewall section

a. Add Address Object:
i. Local: e.g. "User1 10.0.0.1", LAN, Host, 10.0.0.1
ii. Remote: e.g. "User1 Home", WAN, Host, 123.456.789.999
iii. Repeat above for each PC.

b. Add Service Object, RDP with unique port, e.g. "RDP_3391", TCP, Start & End ranges: 3391

c. Add Access Rule, Matrix, WAN to LAN, e.g. Service: "RDP_3391", Source: "User1 Home", Destination: X3 IP

2. Open Network section

a. Add NAT Policy, e.g.
i. Original Source: Any
ii. Translated Source: Original
iii. Original Destination: X3 IP
iv. Translated Destination: "User1 10.0.0.1"
v. Original Service: RDP_3391
vi. Translated Service: Original
vii. Inbound Interface: X3
viii. Outbound Interface: Any
ix. Comment. Add one.
x. Repeat above for each PC.

Note: In case you don't know, you'll need to revise your RDP ports at each station to match the firewall ports.
0
 

Author Comment

by:Lasareath
ID: 40532776
Thanks for the reply.

I used X1

For 1a I created:
i.  NICK 192.168.1.151
ii.  Not Sure what you want me to fill out here?, Is the 123.456.789.999 My WAN IP?
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40532779
123.456.789.999 is the external IP connecting to the LAN pc/server. e.g. Nick's home.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:Lasareath
ID: 40532780
The problem with that is I don't know that IP, He's connecting with a Laptop. So the IP will be different each time
0
 

Author Comment

by:Lasareath
ID: 40532788
Can I make that IP address a Range?
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40532792
No. You can't make the IP a range. In that case, you can't use the user's source IP. You'd have to open it by changing the Access Rule, Source. Instead of "User1 Home", use something like All WAN IP. However, this is basically open to the world - not good. A better solution is Sonicwall's NetExtender, which is basically a VPN. I'm not familiar with NetExtender, so I don't have workable info for you.
0
 

Author Comment

by:Lasareath
ID: 40532795
I know NetExtender, I use it with many clients, This client does not want NetExtender, They want RDP
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40532804
I'm not certain but, doesn't netextender let one make a secure connection to the lan? If so, at that point I think you should be able to connect via rdp
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40532805
...to the effect that the remote client becomes part of the lan and gets a lan IP.
0
 

Author Comment

by:Lasareath
ID: 40532807
Yes, Or you can run a login script and just map drives.

They want to use RDP because they may not be on their laptop, they may be on a clients PC and so they want to use RDP from that PC.

There are tons of posts I've found where people say they do it all the time by using another port for each PC.

You can go to the registry of the destination PC and change the incoming RDP port

I think there is also a way to do it in NAT Policies where you tell the incoming route to go to the new IP based on which Port it came in on.
0
 

Author Comment

by:Lasareath
ID: 40532809
There are people who said they got this to work:

http://cyberblogue.com/sonicwall-port-forwarding-wan-port-different-from-the-internal-port-enhanced-os/

I'm just not a SonicWall Guru
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40532814
Hi. Please bear with me due to my ignorance with netextender.

Just to confirm, once the client connects via netextender, does it get an IP on the same LAN? If so, we just need to worry about rdp on the LAN side. No sonicwall at that point... I think. 8-)
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40532819
In general:
On target host...
1. Change rdp port
2. Change registry
3. Open host firewall port, if applicable.

On remote client...
1. Connect via netextender.
2. Connect via rdp using hostname:port

I don't have exact steps since I'm not on a computer now. Commuting home now...
0
 

Author Comment

by:Lasareath
ID: 40532822
I don't want to use NetExtender.
0
 

Accepted Solution

by:
Lasareath earned 0 total points
ID: 40532864
This explains how to do it.  Works Perfectly!!!

https://support.software.dell.com/kb/sw5611
0
 

Author Comment

by:Lasareath
ID: 40533480
There is also a Video at that URL with a really sexy sounding Indian chick showing you how to do it.  Piece of cake now. Each PC has their own Port.  3390, 3391, 3392

Awesome!!
0
 

Author Closing Comment

by:Lasareath
ID: 40541809
It works
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As an IT person for a call center we are always looking for tools to make our jobs easier. Well I found the ultimate application for the job. SmartCode VNC Manager gets the job done. Its easy to get up and running just run the wizard to pul…
I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question