11 replies to this topic

[LilSnoop40]

question, i have never had luck with RDP from either my home pc to my work pc or vice versa? is there any suggestions or help with this. i have the firewall turned off my both pc, the windows firewall allow's access to RDP. i got the ip's via what's my ip? still can't connect.

thanks

[majortom1981]

LilSnoop40, on 30 July 2012 - 12:09, said:

question, i have never had luck with RDP from either my home pc to my work pc or vice versa? is there any suggestions or help with this. i have the firewall turned off my both pc, the windows firewall allow's access to RDP. i got the ip's via what's my ip? still can't connect.

thanks

Is your work blocking those ports?

[Max Norris]

Do you have the ports being forwarded on your router on the server end? (Erm 3389 I think if I remember right, might want to Google that to confirm.) Also running with the firewall turned off and exposing RDP to the internet is a tad of a security risk.

[LilSnoop40]

yes, i have my router forwarding that one port 3389, think i read it there is multiple pc when connection you would put in the ip:3389 and up 3390... etc. and i don't think my work is blocking them cause when IT remotes in from corporate its fine.

[LilSnoop40]

when i ping my home pc's ip via what's my ip it doesn't respond, but if i ping the gateway not the router gateway it reply's

[Max Norris]

LilSnoop40, on 30 July 2012 - 12:34, said:

when i ping my home pc's ip via what's my ip it doesn't respond, but if i ping the gateway not the router gateway it reply's

If you're on a router your WAN IP isn't really yours, but that of the router. Chances are your router is just dropping those ICMP packets.. some will ignore them by default unless told otherwise for security reasons, depends on who did the firmware.

If you're trying to connect to your home machine from work then yea, you'll need port forwarding on your router. Also the blatantly obvious besides the firewall permissions, make sure terminal services is running and is also enabled via system properties on the remote tab, you user account is allowed to connect and all that good stuff. If you're just trying to connect to work from home then you won't need the forwarding on your end, just the server side.

Also, if its a corporate setup you're trying to connect to, are you sure it's just a "straight connection" by IP and not some sort of VPN, SSH tunnel or the like? Using the default ports or were they changed? Does your account have permission to connect? Something like RDP often isn't just left hanging out for anyone on the Internet to try and connect to.

[ChuckFinley]

LilSnoop40, on 30 July 2012 - 12:21, said:

yes, i have my router forwarding that one port 3389, think i read it there is multiple pc when connection you would put in the ip:3389 and up 3390... etc. and i don't think my work is blocking them cause when IT remotes in from corporate its fine.

It certainly doesnt do that! It should map 3389 to one internal IP address.

[+BudMan]

"i don't think my work is blocking them cause when IT remotes in from corporate its fine. "
"when i ping my home pc's ip via what's my ip it doesn't respond"

So first did you enable in your router to respond to pings - quite often this disabled by default. So if you want to ping, then you have to allow for that on the router which is what has the public IP address your trying to ping - right?

As to IT from corp? Why would they be coming in through your internet firewall. I would assume if they are your corp, then they would be on your network, be it remote location or even vpn, etc. Its not like they would be just like some billy bob random internet connecting in.

Nor does inbound at your work have anything to do with you going outbound to your home. Did you mean that IT at your location rdp's to outside boxes all the time? If not then what your corp IT does with remote desktop has little to do with what your trying to do with.

I can tell you pretty much most corp IT dept that are anything more than a ma and pop shop would be blocking outbound nonstandard ports. Sure they allow for 80, 443, maybe ftp 21, etc. But normally every other outbound port is blocked.

Tell you what, if you want me to test - just PM me your public IP, and i will see if remote desktop responds, this will tell you if work is your problem or not.

On the other hand I would not allow rdp open to the internet, if you have it locked down to your work IP ok not so bad - but just open to the public internet where anyone can try and brute force your username/password - not such a good idea.

If you want to remote your home machine, use teamviewer or logmein or a vpn into your network vs just wide open remote desktop.

[+sc302]

Ok first off "i have the firewall turned off my both pc, the windows firewall allow's access to RDP. i got the ip's via what's my ip? still can't connect."

You do realize that you have to enable this on your firewall/router for you to even begin thinking that this is going to work, right? Unless you are using a vpn to connect to your home and/or to your office. Just because you have your outside ip address doesn't mean you are going to be able to do squat with it. You can disable your windows firewall all day and night and not have access.

Your office probably has nat enabled, meaning they are only letting their inside network connect to your computer. If you are vpn'd in, they are inside your network through a secure tunnel. Basically, they would have to create rules in their firewall to allow access to your computer from the outside using a rdp client.

Please use logmein or teamviewer to make your life easy without having the need to open holes in your firewall or asking your company to open holes. If you can't run those applications they obviously do not want you to use it.

[LilSnoop40]

is it possible for me to RDP to my house from my work pc or any other pc that matter? is it a hard setup. i figured if the ports were forwarded and i had access to do RDP it would connect.

thanks

[+BudMan]

Yes is it quite possible to do. You need to verify a few things is all.

1) that where your at allows the port your wanting to use - default 3389 outbound.
2) You have forwarded the port that your using to the correct private IP that is listening for RDP. have you verified rdp works from another machine on your local lan?
3) Are you running firewall on your rdp box, if so you have to allow for access from whatever remote IP you would be accessing from, or allow for any. It might be possible that your host firewall only setup to allow access from local network.
4) Your not behind a double nat? See this all the time with users that can not get inbound things to work. What device did you setup the forward on? What is that device plugged into? Many many users home networks are double natted - because they don't know any better, and their ISP gave them what they called a modem, but is really a NAT router - sometimes yes even when said device only has 1 ethernet lan port. They then configure another NAT router behind that and don't understand why their port forwards are not working.

In this list 1) is out of your hands. You normally don't have control over what ports our outbound open at your location - quite often 3389 would be blocked!

in 4) double nat - if your isp puts you behind a nat - not so common, but have seen it with like sat subscribers where their edge "device" get a private IP from the ISP. If that the case your pretty much out of luck with anything unsolicited inbound.

Keep in mind that if port 3389 is open at location A, when you go to location B it might be blocked. Also from security standpoint I would not suggest allowing public internet access to remote desktop. If so you better make sure you lock it down to your specific "unique" username - not something like admin or administrator, root, user, etc.. And VERY SECURE PASSWORD!!

VPN, teamviewer, logmein are much better methods of allowing remote access to machines on your network or your network in general.

[+sc302]

LilSnoop40, on 30 July 2012 - 17:30, said:

is it possible for me to RDP to my house from my work pc or any other pc that matter? is it a hard setup. i figured if the ports were forwarded and i had access to do RDP it would connect.

thanks

As budman stated yes it is possible.

3389 has to be open at the gateway level prior to anything else. 3389 has to be pointed to the pc at the gateway level to allow rdp communication to happen using the port forwarding feature on your router/modem. Then the software firewall on the computer would need to have remote desktop allowed or 3389 allowed or the firewall disabled on that trusted network. Once these 3 things have been completed, then (and only then) will you have access to remote desktop from your computer at work...provided that work is not blocking 3389 from going out the firewall (this is easy to do on a corporate firewall).

Please note: We do not know what equipment that you have at your house to give the best advice. In a single router/firewall scenario this would work perfectly...in a dual or tripple router/firewall scenerio this would be a pain as each device would have to have 3389 forwarded through it, and many times they do not like to send traffic through to the next device down the pipe. Teamviewer and Logmein are much better alternatives as they create an outbound connection, there are no ports to open or really have any networking envolvement other than you installing software.