How to allow incoming remote connections (AKA Terminal Services and Remote Desktop) for Windows systems
Precautions
- Back up your firewall's configuration before making any changes.
- If you have to reboot the firewall, it may cause some users to lose their connection to any files they have open on a remote workstation or server, so it is better to ask people to save their work or log off their workstations before doing the reboot.
Assumptions
- You have a static IP address assigned to the machine that will accept incoming connections.
  If you have only one static address and you are browsing this site from a PC on your local network, the address will probably be 38.103.63.18.
- The machine for incoming access is a Windows 2000 or later server, Windows XP Professional, or Windows 2000 Professional.
- You know the IP address and log-in information your router uses for its Web-based administration/configuration, or you are using desktop software that came with your device.
Steps
- Go to the machine you want to allow people to connect to remotely from outside your private in-house network.
- Find the network connection icon for the network card and find out what its IP address is.
- For a Windows XP machine, Remote Connection is turned off by default. Enable it by right-clicking on "My Computer," choosing Properties, then the "Remote" tab. Put a checkmark under the heading "Remote Desktop." Windows 2000 users have to install "Terminal Services" via the control panel.
- Log in to your firewall/router as an administrator.
- Find the page or area for allowing incoming (outside the firewall) connections.
  Phrases to look for include "Port Forwarding," "Port Range Forwarding," "Incoming Access," and "Pinhole Configuration."
  For Linksys model WRT54G, the section is called "Applications and Gaming Tab - Port Range Forward."
- Add a record with the following information:
  - Incoming Port or Port Range: 3389. If this is a range, enter the same number in the second field.
  - Outgoing Port or Target Port: 3389
  - Target Server/Internal IP address/Host: The IP address you looked up in a previous step
  - Incoming Interface (this option may not be present): WAN/Ethernet and possibly the static IP address assigned by your ISP
  - Protocol: TCP
- The firewall may have to be rebooted before the change will take effect.
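To confirm the new record works once the steps are done, the following added example (not part of the original page) connects to the forwarded port and checks whether the reply is the X.224 Connection Confirm that an RDP listener sends. The function names and the result labels are this example's own, and it assumes Python 3 on a machine outside the private network.

```python
"""Check that a forwarded TCP port (3389 by default) reaches an RDP listener."""
import socket
import struct
import sys

# X.224 Connection Request inside a TPKT header, with an RDP negotiation
# request asking for standard RDP security (protocol 0).
CONNECTION_REQUEST = bytes.fromhex(
    "03000013"          # TPKT: version 3, reserved, total length 19
    "0ee00000000000"    # X.224: length 14, CR (0xE0), dst-ref, src-ref, class
    "0100080000000000"  # RDP_NEG_REQ: type 1, flags 0, length 8, protocol 0
)


def classify_reply(reply: bytes) -> str:
    """Return 'rdp' if reply starts with a TPKT-framed X.224 Connection Confirm."""
    if len(reply) < 7:
        return "open-not-rdp"
    version, _, length = struct.unpack(">BBH", reply[:4])
    x224_code = reply[5] & 0xF0  # high nibble carries the PDU type
    if version == 3 and length >= 7 and x224_code == 0xD0:
        return "rdp"
    return "open-not-rdp"


def check_forward(host: str, port: int = 3389, timeout: float = 5.0) -> str:
    """Return 'rdp', 'open-not-rdp', 'closed' or 'filtered' for host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            try:
                sock.sendall(CONNECTION_REQUEST)
                reply = sock.recv(64)
            except OSError:
                return "open-not-rdp"  # connected, but no usable answer
    except ConnectionRefusedError:
        return "closed"    # host reached, nothing listening on that port
    except OSError:
        return "filtered"  # timed out or unreachable: the record is not active
    return classify_reply(reply)


if __name__ == "__main__":
    # Usage: python check_rdp_forward.py <static-IP-address> [port]
    target = sys.argv[1]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 3389
    print(f"{target}:{port} -> {check_forward(target, port)}")
```

A result of "filtered" or "closed" from outside, together with "rdp" when the same check is run against the internal IP address from inside the network, points at the forwarding record rather than at the Windows machine.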