Remote desktop and VPN on Windows 7

29/11/12

Should I use Port forwarding or VPN?

Setting up the destination machine

Here are two possible scenarios, use one or the other.

  1.  You will need Administrator rights to do the following.
  2. Click Start, right click COMPUTER > select Properties. Click 'Advance System Settings' on the left.. (or Click Start and type sysdm.cpl in the search box)
  3. Click the Remote tab, select the Allow users to connect remotely to this computer check box, and then click OK.

Firewall

Next, make sure Windows Firewall is set up to allow exceptions. This will probably have been setup automatically but its worth checking.

1. To check the firewall; In the Control Panel, click Windows Firewall, then Advanced settings, on the left column.

2. Select Inbound rules and scroll down to Remote Desktop. Expand it to the right and check that its Enabled and that the port is set to 3389.

On the Client computer you will need to create a similar rule except it will be outbound, if one does not already exist.

If Remote Desktop not there you can click on New Rule, on the right column. The rule Type is PORT. > The TCP port is 3389. > Select Allow the connection. Then chose the locations where this connection will be used. Most likely your normal LAN cable will be associated with the Private networklocation. If you have Domain in the list you probably will need to select this too as most likely your computer will be at work when you remote to it.

3. If the VPN is not working you could try and turn the firewall off to test. Open Windows Firewall and Click on Turn on or off on the left column.

IP Address

Click start > Click Run and type CMD and press ok.

Type "ipconfig /all" This will display your IP address for that machine note this down and continue to port forwarding.

Its a good idea to set a static IP address on the destination computer, as they change occasionally.

Port Forwarding

The final step is to enable connections from outside your network to connect to the computer running Remote Desktop. Remote Desktop runs on port 3389, so you need to tell your router that anytime someone "calls in" on that port that they are forwarded to the correct computer. This is handled by your router's web interface. An example is shown below, so you open a web page and enter the routers IP address (this is your default gateway)

And then find port forwarding and forward port 3389 to the IP address of the computer.

While you are there, find the Status Menu and look for the external IP address.

You will need this on the Client computer.

Possible Logins for the router

Linksys Router login

Username:   admin           PW: admin
Username:   Admin           PW: admin
Username:   (Leave blank) PW: admin

3Com Router login
IP:   192.168.1.1
UN:   admin           PW: admin

D-Link Router login
IP:   192.168.0.1
UN:   admin           PW: (leave blank)

Netgear Router login
IP:   192.168.0.1
UN:   admin           PW: password

Part 2: on the Client Computer

If you are using RDP from outside the network, eg from home to work, then you will need to use the External IP address of your router, (or use a VPN connection instead.) To find the external IP of the destination router go to the router web page again and select the Status menu.

Connect your remote computer to the host computer

If you are connecting from one computer to another inside of work then you can just use the IP or computer name of that computer eg, \computer1 or 192.168.0.3.

 

To connect from a computer, which is the client computer to your work (or host) computer, follow these steps:

1.On your Client computer, click Start, point to All Programs, and then point to Accessories.
2.In the Accessories menu, point to Communications, and then click Remote Desktop Connection. (or in the search box type mstsc)

3.

In the Computer box, type the external IP of the destination router

??? . ??? . ??? . ???:3389

4.

Click options and then save as and select desktop and give it a name, now double click the icon on the desktop.

5.

When the Log On to Windows dialog box appears, type your user name, password, and domain (if required), and then click OK.

 

The Remote Desktop window opens, and you see the desktop settings, files, and programs that are on your host computer, which in this example is your work computer. Your host computer remains locked, and nobody can access it without a password. In addition, no one will be able to see the work you are doing remotely.

To end your Remote Desktop session:

1.

Click Start, and then click Log Off at the bottom of the Start menu.

2.

When prompted, click Log Off.

 

Setting up VPN on Windows 7

To set up a VPN network:

Open the control panel, (look at the top right corner and set it to Icon view rather than category)

Open Network and Sharing Centre. >

Set Up a New Connection or Network. > Connect to a Work Place > Create a New one. > Use My internet connection. (or specify a particular connection like Mobile broad band.)

Type in the URL address or the IP address you have been given for the router on the destination network. > Next, Type the User name and Password and tick remember. Follow it through to finish.

 

Once this has finished you can see the VPN icon in the bottom right hand corner, it looks like a monitor. Right click on the connection name you just made and select Properties.

You should not normally need to change the type of encryption, unless otherwise specified, so it should look like this:

If you are using mobile broad band or dial-up to connect first then click on the general tab and tick the dial box.

P.S.

Firewall.

You should not normally need to change the firewall settings as it should automatically add the exception as you make the VPN. If you do because you receive Error 809, then you need to open Control panel> Windows Firewall > Advanced settings and add rules for outbound traffic.

To use an L2TP - based VPN, you must create a rule to allow outbound UDP connections on port 1701. You should apply this to the Private and Public profiles (Domain should not be necessary - but if this fails, try Domain as well).

 

To use a PPTP - based VPN, the same applies, however you must allow TCP port 1723.

To use an IPSec - based VPN, the same applies, however you must allow UDP port 500.

Routers:

Some router /  protocol combinations may also require that you modify router settings to allow them. My D-Link DIR-625 has a specific "tick-box" to allow certain protocols, such as PPTP. Your best bet if you use a router is to consult your router manual / your router's settings if opening your port locally is not successful.

let's start the ball rolling

Fill in the form or use the contact details below and we’ll get our expert team to put together a package that’s personal to your business.

hello@resolve.co.uk
Sales: 0114 213 4555
Support: 0114 299 4050