• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 275
  • Last Modified:

Remote Desktop connection on Windows 7 pro

I added a new Windows 7 Pro machine to our LAN (Windows Server 2008 R2) and am having the usual problems of trying to connect to it remotely, from outside our LAN, with Remote Desktop.

I have other machines with Windows 7 Pro and connect to them and I don't remember all the things I did on them to make it work. Of course I enabled remote connections in the properties, and I added a specific rule in for incoming traffic in the firewall on the port I'm targeting.

There is a NAT configured on the router to forward to the local machine:

      Protocol         Start Port      End Port               Local IP Address
PC1      ALL              3397            3397            192.168.16.52
PC2      ALL              3396            3396            192.168.16.29

For example, PC1 works, from inside the LAN if I connect to 192.168.16.52:3397, and also if I connnect from the outside on our public static IP with : 217.xxx.xxx.xxx:3397 - no problem.

Here is perhaps a clue to the problem, PC2 doesn't work from the outside with 217.xxx.xxx.xxx:3396, BUT - it does work from the inside with simply : 192.168.16.29 and also with the hostname - without specifying the port. I have the standard RDP port, 3389, pointing to the server, and that works normally, from both the inside and outside.

So why can I connect to it on the inside without the port - if add the port it doesn't work - which is probably the same reason it doesn't work from the outside. Apart from adding a specific firewall rule for port 3396 to allow incoming traffic on that machine and enabling complete RDP access, I don't see what else I can do. I must have done something on the other machines, but I don't remember what.
0
jdailey59
Asked:
jdailey59
  • 3
  • 2
1 Solution
 
MiftaulCommented:
There are many possible solution here. I would prefer to keep the default RDP port 3389 for the pc2. And for remote access, do port forwarding with 3396 from the routers wan mapped to 3389 towards  internal pc2.

That way, when we RDP to wan IP with port 3396, it gets forwarded to pc2 default RDP port 3389.
0
 
Fred MarshallPrincipalCommented:
You probably need to open the desired ports in the Windows 7 firewall.

I don't quite see how one could use the same port for remote access.  That would be a one-to-many mapping and THAT can't work.  So maybe there's another approach..?
0
 
MiftaulCommented:
When we rdp from outside network, we initiate the rdp to an external port that get gets mapped to internal port on the inside network.  Port forwarding can map an external port to a different internal port. Here we can forward port 3396 from the routers wan ip to pc2 ips port 3389.

For the pc1, we can forward pprt 3397 from wan to pc1 ip port 3389.

That way we are not changing default rdp ports on the pc, but using different extrrnal ports on the router to map to the same rdp port 3389 on different pc ip address.

Say wan ip with port 3397 forwards to pc1 with port 3389
Wan ip with port 3396 maps to pc2 ip port 3389.

As we see, we are not changing rdp ports on the pc but just using different ports in portforwarding.
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
jdailey59Author Commented:
I tried setting the default RDP port 3389 as the internal port: 3396 (start port) and 3389 (end port) and got an error when trying to save:
ERROR: FAIL TO UPDATE DUE TO... DUPLICATE PORT NUMBER !
I have a TP-LINK Wireless ADSL2+ Modem Router. But on other machines, like in my example PC1, with start port 3397 and end port 3397 it works - and it works on other PCs as well.

And I did open the desired ports on the Windows firewall - I remember that's what I did before on the other PCs where it works.

I've had this problem before, in fact everytime I add a new PC to the LAN I have this problem, but in the end I get it to work, but I don't remember what I did.

Before I had a D-Link ADSL modem router and the port forwarding on that one required the internal port to be 3389 and the external port whatever, but on the TP-Link it requires both external and internal to be the same.

Would investing in a Cisco modem router save me these headaches?
0
 
jdailey59Author Commented:
I remembered what I did to get this to work - and now it works. I had to change the Remote Desktop listening port in the registry on the computer I want to connect to.

1 .Start Registry Editor.
2.  Locate and then click the following registry subkey:
3. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
4. On the Edit menu, click Modify, and then click Decimal.
5. Type the new port number, and then click OK.
6. Quit Registry Editor.
Restart the computer.

Whiich I got from here:

https://support.microsoft.com/en-us/kb/306759#LetMeFixItMyselfAlways

That's why I could connect to the PC internally with no port specified, but now I connect to it with the router's external public (and static) IP, by specifying that particular port. Of course that particular port must also be specified when connecting internally now, but that's not a problem.

For anyone else trying to do this, this is what I did:

1. NAT (port forward) in the router with the chosen port in both start and end, pointing to the internal IP of the PC you're targeting, and ALL protocols selected (although  perhaps TCP and UDP is sufficient)
(My router-modem is a TP-Link TD W895 1ND)

2. Add an incoming traffic rule for that port in the Windows firewall

3. Change the listening port for Remote Desktop in the registry
0
 
jdailey59Author Commented:
The reason is simply because it works.

For anyone else trying connect to a Windows 7 PC on their LAN from outside of the LAN with Windows Remote Desktop:

1. NAT (port forward) in the router with the chosen port in both start and end, pointing to the internal IP of the PC you're targeting, and ALL protocols selected (although  perhaps TCP and UDP is sufficient)
(My router-modem is a TP-Link TD W895 1ND)

2. Add an incoming traffic rule for that port in the Windows firewall

3. Change the listening port for Remote Desktop in the registry

For example if you chose to it it up with port 3396 (on my modem-router I can add up to 12 NATs)
Launch mstsc.exe
To connect internally now, either : hostname:3396 or 192.168.xxx.xxx:3396
To connect externally : your_public_static_IP:3396
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now