Remote Desktop Connection

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Remote Desktop Connection

Message

From

25/04/2008 00:38:10

Al Doman
M3 Enterprises Inc.
North Vancouver, British Columbia, Canada

24/04/2008 19:17:05

Kevin Marois
Marois Consulting
Winchester, California, United States

General information

Forum:

Windows

Category:

Remote access

Title:

Re: Remote Desktop Connection

Miscellaneous

Thread ID:

01313032

Message ID:

01313071

Views:

>I cannot seem to get RDC to work.
>
>Allow Remote User's is on.
>
>I have set the port to 3389, and created a static IP. I can ping the IP, 71.189.113.60, from this PC, but not from other PC's.
>
>Can anyone else ping me? Anyone know what I'm doing wrong?

If you're smart, you have a router with at least a NAT firewall between your computer and the public Internet. A typical scenario is something like this:

Router WAN IP: 71.189.113.60
Router LAN IP: 192.168.1.1
Most consumer broadband routers assign LAN IPs via DHCP starting at .100, so your PC probably has an IP address of 192.168.1.100

By default, your router is doing its job and blocking all incoming traffic. What you need to do is:

1. Change your PC to use a static IP address outside the router's DHCP scope e.g. 192.168.1.10. You will also have to set the subnet mask to 255.255.255.0, gateway to 192.168.1.1 and the DNS servers to whatever they are now (check in a CMD window with ipconfig /all).

You need to change your PC to a static IP because if it changes, the router config (below) will no longer be able to find your PC.

2. Reconfigure your router to forward incoming traffic on port 3389 to the new static IP address of your PC. Typically this is done by logging in to your router's Web admin page - usually something like http://192.168.1.1 . Check your router documentation - this is usually in an "Advanced" section under "Port Forwarding".

3. CRUCIALLY IMPORTANT: set up strong password(s) on all the accounts on your PC ( http://www.microsoft.com/protect/yourself/password/create.mspx ). If you open a common port to the public Internet, crackers with port scanners will quickly find your PC and start trying to crack its accounts. One strategy to reduce the risk of doing this is to change the default listening port for RDP: http://support.microsoft.com/kb/306759 . Of course, if you do this, change the port you forward in your router config as well. You will also have to remember to tell your remote client to use the non-standard port as well (link at the bottom of the previous reference).

Also be sure your machine is fully up-to-date with patches and has an up-to-date AV app in place.

Regards. Al

"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov

Neither a despot, nor a doormat, be

Every app wants to be a database app when it grows up

Map

View

Click here to load this message in the networking platform