Wow - what a cool article! I always wondered how to do this with Windows. Can you elaborate on this note a bit? "Note: you may need to use either a static IP-Address or ensure your router always gives your home PC the same internal IP-Address by using a reserved range in your DHCP settings. Otherwise it can sometimes change when you reboot."

Sure, I'd be happy to elaborate on that part:

When you have a PC on your home network it usually gets an internal IP address assigned to it from your router. This is provided by the “DHCP server” in your router.

A DHCP server typically hands out IP addresses from a particular range. Eg. 192.168.0.10 to 192.168.0.50. When a new computer enters your network and asks for an IP address, the DHCP server just give it one that isn't being used. Every time your reboot your PC it will need to get a new IP address. You may get lucky and get the same IP address back. Most of the time you won't and you will get a new one assigned from the range.

In step 4 of the article above, you'll notice that when you setup a port forwarding in your router, it has to go to a specific IP address. So if you setup the rule, reboot your PC and you get a new IP address then your port won't be mapped to the right computer anymore and you won't be able to get access from work.

To ensure that your computer always has the same IP address, there are two options:

1. Use a static IP address. in your TCP/IP settings for your network card, choose enter an IP that is not in the range handed out by the DHCP server. Lets say 192.168.0.51 using the example range above.

2. Create a static DHCP mapping. Most routers allow you to say "always give a computer with this MAC address the same IP address" in their admin consoles somewhere. In the Netgear WGR624 I have on my desk they call this feature "Address Reservation" in the "LAN IP Setup" section. You can easily find the MAC address of your computer by looking on the Network Map of Network Magic.

Hope this helps.

Boy there are a lot of steps! I'm curious how many of the readers would like to see this become a feature of Network Magic where we automatically do all these steps for you and make remote-desktop available via Net2Go.

Sounds like it might be popular? If so, get your votes in - the more votes, the more likely we'll code it up :)

Thx,
-Brett

I agree with Remote Desktop, however. We have 300+ GoToMyPC accounts, and this is so different departments can access the server, and know when someone else is using it.

How else can you keep track of 300+ servers and have the ability to share with multi users?

What if you want to remotely connect to more than 1 PC behind the router? Will all remote assist requests sent to your WAN ip (aka [yourhostname].home.net2go.com ) only allow for 1 PC to be setup (as there's only 1 3389 port) or is there a way to specify a unique port for Remote Desktop Connections?

Hi Jorden,

Wow - that's amazing you have so many remote users!

In my post I was thinking mostly of the home user scenarios not as a replacement for an enterprise type solution.

But heck, for $15/mo * 300PCs = $54,000 / year I'm sure you could build (or have built) something that tracks what you need.

Assuming in your world, all users and servers are equal – ie. Anyone can connect to any server at a given moment to get what you want done, then how about this:

It's pretty easy in the Win32 APIs (EnumWindowStations) to determine if there is a user actively logged into a Remote Desktop session. You could install a small (NTSERVICE) client on each PC to report this state to a central server that maintains this ‘active session state’ for all PCs in your enterprise. You could then have this central server render a web-page that shows a list of which ones are not in use.

Then when a user wants to use a server they can simply go to the webpage and see which ones are not in use to connect.

Interesting problem!
-Brett

Hi Crispin,

How to have two or more Remote Desktop sessions? … That’s a GREAT question!

Now we’re getting really fancy! … OK to do this, you have a couple of options:

Option 1:
Some routers support Public/Private port mappings. Most SMC routers and several D-Link routers do this. Using this feature, when you setup a Port Mapping on your router you can essentially create rules like:

-"Map Port 3390 (Public) to Port 3389 (Private) on 192.168.1.100" (OfficePC)
-"Map Port 3391 (Public) to Port 3389 (Private) on 192.168.1.101" (BedroomPC)

etc.

This means when you connect to port 3390 on your WAN side, it will go to the computer at 192.168.1.100 and connect on port 3389 (The Remote Desktop port). So lets say you want to connect to OfficePC then you would need to add the extra port to the server connection. You do this by specifying ":[portnumber]" after the hostname.
Eg: "jonesfamily.home.net2go.com:3390"

Option 2:
If your router does not support this feature, then you can configure each computer to run Remote Desktop on a different port. If you know how to use the registry editor then you just have to create this decimal registry value :

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

And set it to what you want. Using the same example above, you would pick 3390 for OfficePC and 3391 for BedroomPC. By appending the port number at connection-time, you will be able to reach the right PC. (Eg: "jonesfamily.home.net2go.com:3390")

See Microsoft KB Article Q306759 for a little more info.

Hope this helps! I’m guessing I can count you as a “yes please” vote for us adding this feature in a future release ;)
-Brett

XP Pro is not your only option. Any user with XP Media Center Edition 2005 also has remote desktop capability. I was very suprised to find this. I use RD to manage hundreds of computers for work and was about to upgrade my parents to XP Pro when I found the option. I've tried it and it works perfectly!

Great point Mike, I forgot about Media Center Edition. I think Tablet PC also has Remote Desktop in it also.

Interesting you mention your parents. Tell us more about that - do you use RDP to manage their machines remotely if they are having problems?

The article is great. I have just done the remote access and configured my router. I will give it a try and see if it works, i vote for you adding this to network magic and making it even simpler to configure.

There is one other "gotcha" that I should mention. If you fall into this camp then GoToMyPC is actually a great solution for you.

To be able to get access to your home computer from another network (eg. Work). You need to be able to open a connection on Port 3389 outbound.

Most small to medium sized businesses, ISPs, home networks, coffee shops etc. have firewalls that restrict connections inbound to specific ports, but allow outbound connections to any port. So in these environments RDP will work fine.

If you work somewhere like Microsoft or a big fortune 500 company, these companies often have a lot more restrictions on their firewalls. You might not be able to open an outbound connection on 3389 in this environment.

If I remember correctly, GoToMyPC works over port 80 which is the same port used for web-browsing. Which is more or less universally open in most environments.

I have vonage and in order for net2go to work I have to disconnect my vonage. If i try to put the vonage inside the router it doesnt work, only when i have the vonage between my cable modem and my router does the vonage work, but then i cannot use Net2go. any help appreciated it.

Hi Javier,

I think this depends on what VOIP modem you have.

I also have Vonage and have the Motorola VT1005 modem, which works fine behind my router without mapping special ports.

Your best bet is to check our Knowledge Base on http://www.networkmagic.com/support/. If you don't find a good answer there for your specific modem, then give our support gurus a call (1-888-812-9402) - they would be happy to help you get Net2Go working.

Thx,
-Brett

Thank you Brett for the prompt reply. I finally got it working, and it was my mistake, I have Mac Adress filter and I had to add the Mac adress of the vonage in order to see it in Network magic and in my network. So now I have net2go and vonage working flawlessly, thanks.
Now I am trying to do the remote desktop and its not connecting, my question is what user name and password do we use on the remote desktop logi in screen (in options)??
I have tried several combinations and its not connecting. I am using name.home.net2go.com as computer yet I am not able to log in to the host computer from my laptop. I have net2go enable also on the laptop.

Hi Javier,

My first question is - do you see a window login screen come up when you click the Connect button on the Remote Desktop screen or do you get a "client could not connect error"?

If you get the error, then it is because the Remote Desktop client is not able to connect to port 3389 on your computer. This could be for a number of reasons:

1. Port 3389 is not open on that computer and is being blocked by a software firewall (Norton McAfee etc). To test this theory, try entering the IP-address of this computer in the "Computer" field of the Remote Desktop window instead of name.home.net2go.com, eg.192.168.1.15. (Note: You can also use the "Computer Name" value on the details tab of the network map for the PC you're trying to connect to). If this is your problem, then try disabling your sofrware firewall or opening 3389 in it also.

2. If you can connect using the internal IP address as above, then the problem is that your WAN-IP address cannot be routed inside of your network. Some routers don't support this ability. What this means to you is that you can only use the name.home.net2go.com URL from outside your home, not inside.

If you get this working and it brings up the windows login screen, then to answer your other question about what account do you use:

You should use your windows login username and password to connect. This is whatever account you have setup on this machine. Note that you have to either be an 'Administrator' of the machine, or have explicitly added yourself to the Remote-Users list when you first enabled Remote Desktop.

You can check your account and permissions under Control Panel | User Accounts.

Oh - and one last thing. You don't have to enter the username|password into the options screen. If you do enter it here, then it will automatically connect and log you in once the connection is established. It can be useful to add it here, as then you can save a shortcut with your credentials in to quick-connect every time.

Good luck!

Um... Security? When you do this everything is sent in the clear....

The Remote Desktop Protocol (RDP) is actually secure. It uses RC4 to encrypt the data flowing between the Remote Desktop client and your server.

There are two major vulnerabilities in the security of RDP.

1. If you have a very weak password, it can be dictionary attacked from the outside. Microsoft helps mitigate this with timed lock-out for multiple failed attempts.

2. Some flaws in the RDP design make it possible to perform man-in-the-middle attacks.

A great write up on the Good, Bad & Ugly of RDP security can be found here.

For home scenarios I believe that RC4 encryption, combined with a strong password on all administrator accounts is adequate security for most people.

Will this work with a secure VPN like Hamachi?

I'm not sure how well Hamachi handles RDP.

In theory it should work fine as they appear to work for all IP based traffic.

If you are using Hamachi to join your networks then you won't need to use the Net2Go host name to connect, you can use the Hamachi virtual IP address.

Give it a try and let us know - I'd be very curious.

What about the One Time Password facility equivelant - to be sure that keylogging is not going to be activated and used later - if you are connecting from Internet Cafes etc

Can't get RDC to work on Cox with older Motorola Cable Modem and LinkSys WRT54G Router. Wonder if problem could be the older Cable Modem? have done port forwarding, static IP, all that.
??

Roger,

Sorry to hear that you are struggling getting this to work. I'm not sure if you tried some of the toubleshooting steps I mentioned in the "April 9, 2006 09:42 PM" comment above. First thing is to narrow down if you can connect using internal computer names before trying to connect via the external net2go name.

Good luck!
-Brett.

Hi,
I have set up a couple Remote desktop applications and was successful in doing so. Usually Remote desktop log in will only let you log in when you have a password set on the account. Therefore i usually have 2 Administrators set up on the computer that i am trying to remotely access. One, that the office staff uses which is not password protected, the other account user has a password so that i can remotely log on to. The computer is allowing me log on remotely to the user name without any password over the Internet. How do i prevent that from happening for security purposes
Samer

I would remove the account with no password from the Administrators group and just make them a power User instead. By default all users in the Administrator group have RDP rights.

I'm running XP Home Edition which doesn't seem to have the Server Software (only comes with XP Pro). Can RDC Server be added to XP HE?

Thanks, Mickey

Nope - sorry. Time to upgrade. Vista doesn't ship until next June :)

-Brett

A few questions if I may. Is there any speed loss on Remote Desktop if operating Single PC to Single PC, as opposed to Network to Network?
Presumably only a simple router would be needed on the PC being accessed remotely. Also is the system limited to 256 colours and would there be any problems with utilising local printer(s) if only operating on a PC to PC basis? Any issues with utilising the programs on the remote PC as opposed to just Data?
Thank You

No speed loss or problems using local programs that I am aware of.

You can run up-to 24bit true color I think, and also print to local printers.

Good luck getting it set up.
-Brett

Nicely presented. The only advantage gotomypc would seem to have over the microsoft terminal service (Remote Desktop) is that the microsoft client gadget has to be installed on the remote machine.

Gotomypc at least has a "virtual" viewer that will enable a user at a transient location that does not allow downloaded executables to access his host pc. But the usefulness of this is somewhat limited--file transfers, for example, would not be supported.

Still, for someone on the move (at an airport, or in a web cafe, for example) who just needs to read a file, or execute a db inquiry on a remote machine, gotomypc offers at least this advantage over the Microsoft progam.

I will add only that the microsoft gadget is much improved over earlier versions I had played with.

Thanks for the good work!

Jack

That's pretty complicated for setting up remote desktop. Have you tried LogMeIn. It's as simple to use as GoToMyPC, but is freeware. It's also encrypted.

BTW, I just played with Hamachi. It seems there are some issues with using Remote Desktop and Hamachi (unless you pay for the Premium Hamachi service).

Anyone know of a "backdoor" that can be used to access www.gotomypc.com"? The url is blocked at my office and I am trying to access my home pc.