ClioSport.net
Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
-
When you purchase through links on our site, we may earn an affiliate commission. Read more here.
how do you guys RDC many machines on a FW?
- Thread starter cava83
- Start date
The only way to do it to individual machines, is to get each person to VPN in first (PPTP probably), then RDP to their internal IP/computer name.
Unless you have 10 spare public IPs lying around you can assign PC too? (but this is a major waste of IP space, and obviously you're opening up probably XP machines on RDP to the world)
Unless you have 10 spare public IPs lying around you can assign PC too? (but this is a major waste of IP space, and obviously you're opening up probably XP machines on RDP to the world)
Rav4
the way it's set up at the moment is the FW forwards the port to the internal IP of each machine.....
i.e xxx.xxx.xxx.xxx:3889 > 192.168.0.100
xxx.xxx.xxx.xxx:3890 > 192.168.0.101
however, this is not tidy, opens 10 ports up = less safe.
I have 15 ip's, 13 spare, but don't want to go down that route.
using the ports like this, means that each machine's registry has been hacked, to change the listening port.
Terminal services lol, not for this guys,.
VPN , thought about it, but not done that before......
I have 81 users, 10 in one department don't use Citrix..... so they use their own server, otherwise this would be easy.
Sirius is what everyone else uses. (citrix over HTTPS basically)
i.e xxx.xxx.xxx.xxx:3889 > 192.168.0.100
xxx.xxx.xxx.xxx:3890 > 192.168.0.101
however, this is not tidy, opens 10 ports up = less safe.
I have 15 ip's, 13 spare, but don't want to go down that route.
using the ports like this, means that each machine's registry has been hacked, to change the listening port.
Terminal services lol, not for this guys,.
VPN , thought about it, but not done that before......
I have 81 users, 10 in one department don't use Citrix..... so they use their own server, otherwise this would be easy.
Sirius is what everyone else uses. (citrix over HTTPS basically)
you can set up a port forward to the machines with 1 external address and then rdp to it like this 82.33.32.103:3390 where you've forwarded port requests for 3390 from outside to a specifc machine. You do have to modify the windows firewall on each machine though so u open up that port for rdp using 'internal & external' ports on the windows firewall, the external one is the one you chose (in this case 3390) but the internal one is 3389 as thats the port that the machien is looking for rdp requests on
the way it's set up at the moment is the FW forwards the port to the internal IP of each machine.....
i.e xxx.xxx.xxx.xxx:3889 > 192.168.0.100
xxx.xxx.xxx.xxx:3890 > 192.168.0.101
however, this is not tidy, opens 10 ports up = less safe.
I have 15 ip's, 13 spare, but don't want to go down that route.
using the ports like this, means that each machine's registry has been hacked, to change the listening port.
Terminal services lol, not for this guys,.
VPN , thought about it, but not done that before......
I have 81 users, 10 in one department don't use Citrix..... so they use their own server, otherwise this would be easy.
Sirius is what everyone else uses. (citrix over HTTPS basically)
Majorly dirty, as you have to manually edit the registry on the PCs for RDP to listen on a different port etc..
VPN is the only sensible way.
Get SBS
Ugh, SBS.
Altho, it does have it's place sometimes..
Rav4
yer it's handy
however, the system is all messed up and so untidy.
what they want is to have dumb terminals implemented throughout the group, well, that's what the IT manager wanted before he left.
One office uses a workgroup, no server, no AD nothing.
The other office uses windows 2003 with exchange, AD used throughout all the users but exchange only used for 10 users.
all other users use hosted exchange with published apps through hosted citrix.....
So messy
however, the system is all messed up and so untidy.
what they want is to have dumb terminals implemented throughout the group, well, that's what the IT manager wanted before he left.
One office uses a workgroup, no server, no AD nothing.
The other office uses windows 2003 with exchange, AD used throughout all the users but exchange only used for 10 users.
all other users use hosted exchange with published apps through hosted citrix.....
So messy
Revels Mum & Sister
LOL what a mess I feel for you. I would suggest getting them all on the domain, if nothing for security alone.
VPN would be the way forward like Daz said.
SBS does have its place in small companies. We use it for several of our clients, the built in VPN SBS Connector is pretty easy to setup and use. Obviously this might not be an option.
VPN would be the way forward like Daz said.
SBS does have its place in small companies. We use it for several of our clients, the built in VPN SBS Connector is pretty easy to setup and use. Obviously this might not be an option.
Similar threads
