Re: FN-FORUM: Remote desktop problems

date posted 1st August 2007 16:22

On Wednesday 01 August 2007 17:21:57 Adam Reynolds wrote:

> Except I think he wants to connect to a number of machines behind his
> router. So he needs to connect to one machine through the router and
> then use that computer as a base for connecting to the others. A bit
> complicated but should work.

Sounds to me like the router is already set up to forward port 3389 to
the mail server - or else the mail server has been DMZ'd, i.e. *all* ports
are forwarded. (Which isn't a terribly good idea).

Most half-decent routers allow you to forward an arbitrary port to any
other, so the simplest thing here is to set up the router to forward
3389 to 3389 on the mail server, and 3390 to 3389 on the work PC.

Then in the client you simply put "domain.com:3390" to connect to
the work PC. Changing the listening port on remote desktop
involves messing with the registry, which is something I avoid as it
raises my blood pressure every time.

Personally for remote connections I tend to tunnel *everything* through
a single SSH connection - as Colin has noted you can tunnel individual
ports to other machines on the remote network. I use a non-standard
port for the SSH connection to stop the log files filling up with weak
password logon attempts. Unlike Windows I trust the security in SSH.
(And, ooh, look what I found, there's a flaw in the RDP security:
http://www.securiteam.com/windowsntfocus/5EP010KG0G.html )

If the router setup can't be changed, then another option is a LogMeIn
account - I've found this to be surprisingly fast, and it's free for the basic
service.