Windows Server/Network Guru needed - Server 2012 RDP Over Internet

[fxit_man]

Hi Guys

So I have a HP Microserver connected to a router which is connected to the net. I want to RDP into this server over the internet.

I have LAN Remote Desktop working (RDP), however I want to access this server RDP over the internet.

I thought I have to do the following:
- Set up VPN server on the server
- Set up Dynamic DNS
- Once I have set up VPN, I can connect to VPN on client computer, and then RDP into the server.

Is the above incorrect?

I have managed to successfully set up the VPN server and connect to it using the dynamic DNS, but once I'm connected I can't seem to RDP into the server. This works on LAN however.

The IP of the server is 192.168.1.5, and from what I saw, the IP it assigns the VPN connection is 192.168.1.30.

Would appreciate any assistance. Want to avoid the LogMeIn/Hamachi route if possible.

Thanks!

P.S. I read it's not recommended to expose your server straight to the internet like that, hence the reason I wanted to go VPN? Is it not possible using the above method? I know I can forward port 3389 and it all works great, but surely this isn't ideal for security?

Is the VPN method above safer? Or only if it's SSL VPN? Sorry quite noob at this..

 

[Evo1ve]

Hi fxit_man,

1.Are you able to ping the Windows server from your client VPN connection?
2.Are you using Windows as a VPN server or one of your routers?

 

[fxit_man]

Hi Evo1ve. Thanks for the reply.

1.Are you able to ping the Windows server from your client VPN connection? I tried to ping 192.168.1.5 from the client VPN connection, did not reply.

2.Are you using Windows as a VPN server or one of your routers? I'm using the Windows Server machine as the VPN server. Just added the role and set it up. It seems it's a configuration with the VPN server. So does that mean if I'm VPN'ing to the server itself, I need to RDP to the VPN localhost or what? Bit confused with this. Thanks.

 

[rrh]

I'm no expert, but you may find it easier with LogMeIn products ( https://secure.logmein.com/welcome/products/ ) or
GBridge ( http://www.gbridge.com/ )

 

[koeksGHT]

DynDns and port forward is all that's needed?

 

[Evo1ve]

Could be your Windows Server Firewall software causing the issue?
See if you could Ping your Sever's gateway (ADSL modem?) from the VPN client's side.

 

[fxit_man]

koeksGHT - I've done this. But I don't want to expose RDP directly to the net through port 3389 or whatever. Just thought VPN would be better/more secure.

@rrh - thanks, i did consider logmein, but I think you need a premium subscription to use the unnattended machine version/feature, and thought if server has a built in VPN connection why not use that. I have the VPN working just need clients to be able to see the server itself! Sure it's just a simple config!

@Evo1ve - I couldn't ping any machine on the network in fact, and I disabled Server firewall to test and results were the same..

Thanks all!

 

[durbandave]

koeksGHT - I've done this. But I don't want to expose RDP directly to the net through port 3389 or whatever. Just thought VPN would be better/more secure.

@rrh - thanks, i did consider logmein, but I think you need a premium subscription to use the unnattended machine version/feature, and thought if server has a built in VPN connection why not use that. I have the VPN working just need clients to be able to see the server itself! Sure it's just a simple config!

@Evo1ve - I couldn't ping any machine on the network in fact, and I disabled Server firewall to test and results were the same..

Thanks all![/

If you run a port scan on the server after connecting to VPN do you see the rdp port?

Also run a tracert and see if the traffic is being sent over the vpn

 

[fxit_man]

I'll check it out thanks durbandave

 

[web_dude]

I think your port forwarding is the easy route. I personally use port forwarding with port translator, so I use some odd port numbers to connect via RDP (and the firewall translate the port number to the right port).

 

[grim]

Check that the firewall on the device you are connecting from is allowing outbound RDP connections.

Also what is handling DHCP on your network?

 

[])ragon_\/oid]

The question is, do you really need to use RDP?

If you don't really need to use RDP, try TeamViewer as well. Nothing wrong with TeamViewer. Teamviewer is easier to use (No port forwarding required), and offers more security. I usually connect to my servers at home for hours at once via Teamviewer.

So basically, you can go the hard way and use RDP, or you can install one application that works like a charm.