
RDP Changing the Default Port Troubleshooting

theamazontom

Hey all, this is not specifically a WHS2011 question but more a general remote access question and there wasn't a forum section that fit perfectly, so, here goes...

I am trying to set up Remote access to a couple of Win 8 clients and in the net research, it looks like I have to have different RDP ports for my machines in order to be able to remote into my machines when I am away from home (since I have a single external IP address through Comcast).

Win8 Desktop1

I set up my first machine (let's call it Desktop1) for remote access using the default 3389 port and was able to successfully RDP into it from within my home network as well as outside of my home network (I made the port forwarding entry on my Netgear router to send port 3389 to Desktop1). Success!

Win8 Desktop2

I set up a new port forward of 23389 on my router to point to Desktop2 and made the related registry change on Desktop2 to change the RDP port from 3389 to 23389 based on the instructions I found here: http://support.microsoft.com/kb/306759. However, I am not able to RDP into this machine either within my local home network or externally.

In trying to isolate the issue (maybe it's the computer itself), I changed the port on Desktop1 (which was working on the default 3389 port) for RDP to 65500 and made the related change on the router to port forward to there on that machine, and it stopped working, similar to Desktop2.

Based on this, is there another place where I need to make a setting change in order for the non-default RDP port to work successfully?

Thanks,

Tom

ikon

Here's what I do:

  1. Set up router with 2 port forwards: e.g. port 13389 and 23389;
  2. On both of the port forwards set them to forward to port 3389 internally
  3. Direct one port forward to the IP of Client Computer 1 and the other to Client Computer 2

This way, there is no need to change the client computers; they can stay on port 3389. It's a simpler and cleaner setup IMHO.

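A local check for each client once the forwards above are in place, as an added example that is not part of the original posts: it reads the RDP port from the registry value that KB 306759 edits, then confirms that a listener and an enabled inbound firewall rule exist for that port. It assumes Windows 8 or later and an elevated PowerShell session; the variable names are illustrative.

```powershell
# Added example: run in an elevated PowerShell session on each RDP client.
$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

# Port the RDP listener is configured for (the value the KB 306759 edit changes).
$port = (Get-ItemProperty "$ts\WinStations\RDP-Tcp").PortNumber

# fDenyTSConnections = 0 means Remote Desktop connections are allowed.
$rdpEnabled = (Get-ItemProperty $ts).fDenyTSConnections -eq 0

# Is anything listening on the configured port? A registry change only takes
# effect after Remote Desktop Services (or the machine) has been restarted.
$listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port `
                        -ErrorAction SilentlyContinue)

# Enabled inbound allow rules whose TCP port filter names the configured port.
# Only exact port entries are matched here; port ranges are not expanded.
$rules = Get-NetFirewallPortFilter |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.LocalPort -contains "$port" } |
    Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and
                   $_.Direction -eq 'Inbound' -and
                   $_.Action -eq 'Allow' }

[pscustomobject]@{
    Computer      = $env:COMPUTERNAME
    RdpPort       = $port
    RdpEnabled    = $rdpEnabled
    Listening     = $listening
    FirewallRules = @($rules).DisplayName -join '; '
}

if ($port -ne 3389) {
    # With the router translating the external port to 3389, the client
    # should still be on the default port.
    Write-Warning "RDP is configured for TCP $port, not 3389."
}
if (-not $rules) {
    # The built-in Remote Desktop firewall rules allow TCP 3389 only, so a
    # changed listener port needs its own inbound rule.
    Write-Warning "No enabled inbound allow rule names TCP $port."
}
```
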
ImTheTypeOfGuy

> Here's what I do:
>
>   1. Set up router with 2 port forwards: e.g. port 13389 and 23389;
>   2. On both of the port forwards set them to forward to port 3389 internally
>   3. Direct one port forward to the IP of Client Computer 1 and the other to Client Computer 2
>
> This way, there is no need to change the client computers; they can stay on port 3389. It's a simpler and cleaner setup IMHO.

I assume this opens up some security risk given most people want a different program (i.e. LogMeIn, etc.) to access their machines when they are outside their network? If not, then why isn't this more well known?

theamazontom

Just did what you outlined and it works like a charm. Thanks!

I'm now on my actual WHS2011 machine and trying to allow remote access and have set up the HTTP 80, HTTPS 443, and RDP 4125 port forwarding settings on my Netgear to point to the same ports on the WHS2011 machine I have, but am still stuck on Port Forwarding is not configured correctly on the router after pressing "Repair".

Thanks,

Tom

ikon

> I assume this opens up some security risk given most people want a different program (i.e. LogMeIn, etc.) to access their machines when they are outside their network? If not, then why isn't this more well known?

AFAIK, it isn't any more of a security issue than forwarding the default 3389 port. In fact, I think it's somewhat more secure since you never use the default 3389 port from outside the LAN, and anyone attempting to break into the network by using 3389 from outside the LAN will fail.

scottbakertemp

> AFAIK, it isn't any more of a security issue than forwarding the default 3389 port. In fact, I think it's somewhat more secure since you never use the default 3389 port from outside the LAN, and anyone attempting to break into the network by using 3389 from outside the LAN will fail.

Sounds like a big security risk either way to me.

ikon

> Just did what you outlined and it works like a charm. Thanks!
>
> I'm now on my actual WHS2011 machine and trying to allow remote access and have set up the HTTP 80, HTTPS 443, and RDP 4125 port forwarding settings on my Netgear to point to the same ports on the WHS2011 machine I have, but am still stuck on Port Forwarding is not configured correctly on the router after pressing "Repair".
>
> Thanks,
>
> Tom

Trying to forward standard web ports, such as 80 & 443, can be tricky. One of the items to consider is the router itself. Some routers reserve some of these ports for their own use; for example, for remote administration of the router.

This can be an issue, of course, if you want to be able to give friends & family access to a photo album, for example, on your WHS. You can give them a URL with a non-standard port that your router will redirect to the standard port on your WHS, but some people find that an inconvenience.

Another option would be to adjust your DNS entries on the internet. I have a DDNS account with a service. I'm able to enter a URL into that account and redirect it to another URL. So, for example, I can set up a URL entry for www.MyWebServer.com and have it redirected to (again for example) WHS.MyWebServer.com:44480. My router would then redirect port 44480 to port 80 at my WHS' IP. Thus, the user would get access to the port 80 web page on my WHS without even realizing they were using a non-standard port to contact my router.

Now, you may not need to do all this. Some routers offer the ability to change the port number(s) that is(are) used to access the router's own web page(s). This makes it possible to actually forward ports 80 & 443 to your WHS and still retain the ability to remotely administer the router. This way is much simpler of course.

Drashna Jaelre

If you can get the website to work... it uses port 443 for the Remote Desktop Gateway role... which is basically an RDP proxy.
