How to configure a router for remote desktop

Posted by Aseem on Thursday, November 20th 2008   
20
Nov

I’ve previously written several articles on remote desktop, including how to enable remote desktop on a remote computer and how to access local files and folders during a remote desktop session. I’ve even written about how to block remote connections to a PC!

Yet I have not talked about how to actually configure a router for remote desktop so that you can connect to your computer from outside of the local network. Once you enable and setup remote desktop, you have to configure your router to forward the remote desktop port (3389 by default) to the correct computer on your network.

This is called port forwarding and the method is slightly different depending on which brand router you are using, i.e. LinkSys, D-Link, Netgear, etc. However, if the instructions below do not help you in determining how to setup port forwarding on your router, then just perform a search for “router port forwarding”, where router is the brand name of the router.

Setup router for Remote Desktop

First, you need to log into your wireless router at home by typing in the local IP address for the router in your Internet browser. If you don’t know the IP address of the router, go to Start, Run, and type in CMD. Then type IPCONFIG and the address for the router is the Default Gateway entry.

configure router remote desktop

Now type that into your browser and log into your router. If you do not know the admin username and password for your router, you can reset the router by pressing the reset button on the back and then go to any one of these default router password list sites:

http://www.phenoelit-us.org/dpl/dpl.html

http://www.routerpasswords.com/

http://www.governmentsecurity.org/articles/DefaultLoginsandPasswordsforNetworkedDevices.php

Once you are into the router, look for anything along the lines of Port Forwarding, Virtual Server, or Applications and Gaming. I tried to find a couple of screenshots of how it would look on LinkSys, D-link and Netgear:

linksys port forwarding

dlink port forwarding

netgear port forwarding

Now you will either be able to choose the service from some kind of drop down that will have a list like FTP, HTTP, TELNET, etc and if they have Remote Desktop or RDP, then choose that. Type in the IP address in the corresponding box and you’re done.

If the service does not show up in the list, then you have to either add a custom service or there will be some blank boxes where you can enter in the information. On my Linksys router, for example, I have a bunch of empty text boxes in a table.

I would enter Remote Desktop for the application name, 3389 for the internal port, 3389 for the external port, choose both TCP and UDP as the protocol, type in the IP address for the computer I want to connect to, and check the enabled box.

setup remote desktop router

On a D-link router, it’s called Private port and Public port instead of internal and external port, but it’s always the same number 3389, so you can’t get confused. On Netgear, it’s called Start port and End Port.

Now everything should be set for you to connect to your computer from outside the local network. In order to connect from outside, you will have to get your external IP address, which is simple. Just go to www.whatismyip.com and it will give you your external IP address.

what is my ip address

 

The only issue that can come up is if your do not have a static IP address with your ISP. Most home users get a dynamic IP address that changes every so often. This makes it extremely hard to connect remotely because it will fail once the IP address changes.

In order to fix this problem, you can read my in-depth article from Online Tech Tips that talks about how to setup Dynamic DNS for remote desktop to your PC. Any questions? Post a comment! Enjoy!

Filed under: Networking

Share This Article
Add to Delicious

Save this page

 Mixx it

Stir it up on Mixx

Reddit

Add to Reddit

 StumbleUpon

Stumble this page

 Digg

Submit to Digg

Related Posts

15 Comments Already

commenter
briank Said,
November 20th, 2008 @11:33 am  

This a well written and technically accurate walk-thru, but I would seriously caution against allowing RDP across the Internet. While the RDP protocol is encrypted, it is susceptible to MITM (Man-in-the-middle) attacks because it has no means to verify the host. Also, if the local administrator account is enabled and has the default name, attackers can guess at the password all day and will never get locked out.

Encapsulating the RDP traffic into a certificate based VPN or SSH tunnel is resolves both of these issues. Personally, I use PuTTY to SSH into my router (Linksys WRT-54G running DD-WRT v24 firmware) and then open. PuTTY is configured to forward local port 3390 to port 3389 on my home computer, so all the traffic goes through the SSH tunnel. When using SSH over the Internet, always make sure to use certificate authentication.

commenter
Aseem Said,
November 20th, 2008 @2:43 pm  

Hi Brian,

That is definitely a more secure way to connect to a home computer using Remote Desktop. I used certificates when connecting to a server at my office.

I wrote about this method for the common man because setting up SSH or a VPN is technically pretty hard. I would suggest people use complex and strong passwords if they do end up using Remote Desktop without SSH or VPN.

commenter
TonyM Said,
February 24th, 2009 @3:03 pm  

Hi Aseem – thanks for a great article – they don’t make this easy, do they?! I still have a couple of problems – (1) the computer I’m trying to connect to is on a Netgear router hooked to a cable modem, so the IP address I get from ‘what is my IP address’ is the router, I think, because it’s the same for all computers on the network. Can you tell me how I get through the router to the specific computer? (2) then at the home end, I’ve got a Linksys router, which has a ‘port range forward’ facility, but like the example in your illustration, the only variable is the last digit – this suggests that it in fact wants to know the IP address allocated to my PC from the Linksys, because the ‘default gateway’ IP on the Netgear (at the office), whilst similar, has one digit different – one that can’t be changed on the Linksys setup page. Thanks for your help.

commenter
rochak Said,
June 2nd, 2009 @11:29 am  

I want to enable port forwarding on my router. I have dynamic IP so I have got a static dns created for myself (using dynDNS). Now, how do I enter the dns name in my linksys port forwarding page? As per your screenshot also, linksys only allows portforwarding by entering IP numbers!! where do I enter my dns name?

pls help . thanks

commenter
ArkBark Said,
September 24th, 2009 @4:52 pm  

(Encapsulating the RDP traffic into a certificate based VPN or SSH tunnel is resolves both of these issues. Personally, I use PuTTY to SSH into my router (Linksys WRT-54G running DD-WRT v24 firmware) and then open. PuTTY is configured to forward local port 3390 to port 3389 on my home computer, so all the traffic goes through the SSH tunnel. When using SSH over the Internet, always make sure to use certificate authentication.)

Can you explain how: PuTTY is configured to forward local port 3390 to port 3389 on my home computer, so all the traffic goes through the SSH tunnel. When using SSH over the Internet, always make sure to use certificate authentication.

This will be very useful…..

Thanks

commenter
AlbertoMichieli Said,
November 4th, 2009 @12:46 pm  

How can I setup a dual router – 1 open and the 2 close – 2 is connected to the modem

1 is netgear
2 is linksys

I put 2 with wpa
1 is open/free wifi

but if I connect the 1 to the 2 I can see all the machine when using the 1 for internet

Thanks

commenter
Sacha Said,
December 12th, 2009 @7:11 am  

Hi,

I’m trying to figure out how to open ports on my planet4401 router, but I don’t see it! Can’t even find anything that looks similar to what is in this guide…anyone know?

commenter
Tony Said,
February 7th, 2010 @11:19 pm  

Networking is not my strong point, but I can follow the directions in this article for the most part. I am able to log into my router, but my confusion is with the following: “I would enter Remote Desktop for the application name, 3389 for the internal port, 3389 for the external port, choose both TCP and UDP as the protocol, type in the IP address for the computer I want to connect to, and check the enabled box.

Specifically, what is the “type in the IP address for the computer I want to connect to”? The example shows ‘123′, but where did that number come from?

commenter
Ravis Said,
February 16th, 2010 @12:44 am  

Is there any way to download a configuration file for my router that I can just click and run? I cannot do this myself!!!

commenter
tiem275 Said,
April 20th, 2010 @8:33 pm  

Thanks for the clear instructions! Remote desktop is working like a charm!

commenter
fullafrisky Said,
May 15th, 2010 @2:00 pm  

I am confused regarding the IP address to enter to configure my lynksys router for RDP. My IP address is not the IP defaulted by the router. The configuration menu only allows the last thee digits to be entered (you entered 123 as an example). I am sure it is very simple, but I don’t get it.

commenter
Welber Said,
May 27th, 2010 @8:31 am  

Muito bem explicado mas o meu e um D-link 500b e nao consgui ja fiz tudo, posso esta deixando de fazer alguma coisa voce poderia me ajudar com isso, passando passo a passo.

Pingback & Trackback
mygif
Pingback from How to open and forward ports on your router
December 3rd, 2008 @6:46 am  
Please Leave Your Comments Below

Please Note: All comments will be moderated

«
»