Our Remote Desktop client's ports 3389 may be blocked - Alternatives?
We offer a RDS session service for our business clients. These business clients are located in different locations and companies.
Most clients successfully use their Windows PC Remote Desktop Connection perfectly fine using default port of 3389. (and on our end we've also opened up a couple of other ports on our RDS server which we sometimes need when clients fail to connect because the default 3389 port does not work, such as host: OurRDSServer.com:1234)
But for some our clients Remote Desktop Connection fails totally to connect. In these cases we have to try and reach out to their corporate IT departments to adjust Firewalls and somehow get the clients access to work. This is a painful process.
Most clients successfully use their Windows PC Remote Desktop Connection perfectly fine using default port of 3389. (and on our end we've also opened up a couple of other ports on our RDS server which we sometimes need when clients fail to connect because the default 3389 port does not work, such as host: OurRDSServer.com:1234)
But for some our clients Remote Desktop Connection fails totally to connect. In these cases we have to try and reach out to their corporate IT departments to adjust Firewalls and somehow get the clients access to work. This is a painful process.
Question:
Is there an easier & quicker way to get our business clients connected to our RDS server? We just need direction on the best course of action to investigate. Do we look at VPN? Tunneling? SSH? Other alternatives?SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Wayne88
What was the reason the default port doesn't work? If that port conflict you can assign a different port for the RDS service or you can port forward a different port number to your RDS.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
In my opinion, if the IT department of the other company blocks ports, that is a security issue and their business (and actually the good example of how it should be handled). If it is a painful business for you, then that is so and you have to accept it. Allowing 3rd parties to access computers remotely is something that needs to be carefully handled and only allowed for very good reasons and after plenty of thought. There should be nothing that can circumvent such procedures.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
From your clients perspective I can definitely support blocking 3389 for incoming requests but not for outgoing requests.
ASKER
Thank you for you comments. Very helpful as always. As suggested by Misbah we figured out the RD Gateway access. Seems to work as advertised! Took us a while since we enabled the RD Gateway role on a new separate server, and getting the new SSL Certificate CA installed is always a bit of a task as you know.
We do have a couple of follow up question about RD Gateway which we will open a new question for.
We do have a couple of follow up question about RD Gateway which we will open a new question for.
Thanks for the points...glad I could help!