Terminal Services (RDC)

[Xan]

I installed Terminal Services (remote admin) on all 4 of my servers today. It works beautifully - I love it, but there are a few issues that I need to figure out.

First - I have to specify the IP, not the computer name... Server1, instead I have to type 192.x.x.x - why?

Second - how can I do this from outside the network? How secure is it? How secure can I make it? What port(s) need to be opened and forwarded? do I port forward to all the servers or just one? etc etc.

thanks for any [H]elp !

 

[Ravenrex]

Forward port 3389 to the internal IP of the server.

As to the names not resolving to the IP on your LAN, is your DNS set up correctly? Is the PDC running active directory and acting as the primary DNS on the domain? If not that could be the source of your problems. The PDC should be running DNS, it should be point toward itself for the primary DNS server address and external DNS servers that it gets its info from should be set in the 'forwarders' section of the DNS service settings.

 

[oakfan52]

DNS is most likely the problem. as for TS from extrnal. I would personally setup a vpn server. vpn in and then TS to what ever server you want.Having port 3389 is a dead give away for TS or RDP.

 

[Xan]

I've never setup any VPN. I am using a Sonicwall PRO for my firewall. What do I need to do to setup VPN?

Do you forward TCP or UDP packets? or both for RDC?

Yes I have DNS setup on my DC. Its also setup using forwarders as well.

 

[SJConsultant]

Originally posted by oakfan52
Having port 3389 is a dead give away for TS or RDP.

And how is this any different or any less secure than having port 1723 open for VPNs?

RDP is encrypted so packet sniffing is out of the question and for the most part, VPN security and Remote Desktop Security are primarily based on user names and passwords.