Monday, July 16, 2012

RDP to Workstations Through SonicWALL on Custom Ports

When a user wants to connect from home to his or her computer at work using RDP, and you have a SonicWALL at the office, this is how you need to configure things:

DHCP

First, make sure the workstation gets the same IP address every time it connects to the network. You can do this either by giving it a static IP outside of the DHCP range or by setting a "reservation" in your DHCP server. In this case, the DHCP server is a Windows 2003 SBS server, and I've set a reservation.

In this example, the user is "Jim" and the local IP address of the workstation he would like to remote into is 192.168.21.30, as seen below in the list of reservations.



The RDP Port

Now that this machine is set to get the same IP at every connection, you need to change the port that RDP listens on. This is detailed in this post. For this example, the workstation is listening on port 3392.

The Address Objects

Create an address object for the computer. Give the object a name you'll recognize.



Service Objects

You need to create two service objects, one for TCP traffic on port 3392 and one for UDP traffic on port 3392. Name them something you'll recognize.



Service Group

Create a service group, and add both service objects you created above. Name it something you'll recognize.



NAT Policy

Create a NAT policy. Make sure to put in a comment identifying the purpose of the policy. Use the following values:



Access Rule

Create an access rule. Make sure to put in a comment identifying the purpose of the rule. Use the following values:



RDP Connection

Test the RDP connection from outside the organization. Make sure you put the port number at the end of the public IP (or corresponding URL).
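A check for this last step, added here as an example and not part of the original post: run from outside the office, it connects to the forwarded port, sends the RDP connection request, and reports whether an RDP service answered through the NAT policy and which security protocol the workstation selected. The address 203.0.113.10 is a placeholder for the office public IP, the function names are hypothetical, and the sample reply is constructed.

```python
import socket
import struct

# requestedProtocols bitmask sent in RDP_NEG_REQ: TLS (0x1) | CredSSP/NLA (0x2)
REQUESTED = 0x00000003
PROTOCOLS = {0: "Standard RDP Security", 1: "TLS",
             2: "CredSSP (NLA)", 8: "CredSSP with Early User Auth"}

def build_connection_request() -> bytes:
    """TPKT header + X.224 Connection Request + RDP_NEG_REQ (19 bytes)."""
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, REQUESTED)
    x224 = bytes([6 + len(neg_req), 0xE0, 0, 0, 0, 0, 0]) + neg_req
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

def parse_connection_confirm(data: bytes) -> dict:
    """Classify the first reply received from the forwarded port."""
    if len(data) < 7 or data[0] != 3 or (data[5] & 0xF0) != 0xD0:
        return {"rdp": False, "detail": "not an X.224 Connection Confirm"}
    if len(data) < 19:
        return {"rdp": True, "detail": PROTOCOLS[0] + " (no negotiation data)"}
    kind, _flags, _length, value = struct.unpack("<BBHI", data[11:19])
    if kind == 0x02:  # RDP_NEG_RSP: value is the selected protocol
        return {"rdp": True, "detail": PROTOCOLS.get(value, f"protocol 0x{value:x}")}
    if kind == 0x03:  # RDP_NEG_FAILURE: value is the failure code
        return {"rdp": True, "detail": f"negotiation failure code {value}"}
    return {"rdp": True, "detail": "unrecognised negotiation data"}

def check_forward(host: str, port: int = 3392, timeout: float = 5.0) -> dict:
    """Connect to host:port and report what answered behind the firewall."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_connection_request())
            return parse_connection_confirm(s.recv(64))
    except OSError as exc:
        return {"rdp": False, "detail": f"no TCP connection: {exc}"}

# Constructed sample reply (not captured traffic): a confirm selecting CredSSP.
SAMPLE_REPLY = bytes.fromhex("030000130ed000001234000200080002000000")

if __name__ == "__main__":
    print(parse_connection_confirm(SAMPLE_REPLY))
    # 203.0.113.10 is a documentation placeholder for the office public IP.
    print(check_forward("203.0.113.10", 3392))
```

A "no TCP connection" result points at the NAT policy or access rule, while a connection that does not answer as RDP points at the workstation's listening port.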

2 comments:

  1. This was great! Really well spelled out. Thanks so much!

  2. Glad to help! I have looked back on it myself a few times. I was surprised when I couldn't find this information online anywhere else...
