How to Configure a Router for Remote Desktop

I’ve previously written several articles on remote desktop, including how to enable remote desktop on a remote computer and how to access local files and folders during a remote desktop session. I’ve even written about how to block remote connections to a PC!

Yet I have not talked about how to actually configure a router for remote desktop so that you can connect to your computer from outside of the local network. Once you enable and setup remote desktop, you have to configure your router to forward the remote desktop port (3389 by default) to the correct computer on your network.

This is called port forwarding and the method is slightly different depending on which brand router you are using, i.e. LinkSys, D-Link, Netgear, etc. However, if the instructions below do not help you in determining how to setup port forwarding on your router, then just perform a search for “router port forwarding”, where router is the brand name of the router.

Setup router for Remote Desktop

First, you need to log into your wireless router at home by typing in the local IP address for the router in your Internet browser. If you don’t know the IP address of the router, go to Start, Run, and type in CMD. Then type IPCONFIG and the address for the router is the Default Gateway entry.

configure router remote desktop

Now type that into your browser and log into your router. If you do not know the admin username and password for your router, you can reset the router by pressing the reset button on the back and then go to any one of these default router password list sites:

http://www.phenoelit-us.org/dpl/dpl.html

http://www.routerpasswords.com/

http://www.governmentsecurity.org/articles/DefaultLoginsandPasswordsforNetworkedDevices.php

Once you are into the router, look for anything along the lines of Port Forwarding, Virtual Server, or Applications and Gaming. I tried to find a couple of screenshots of how it would look on LinkSys, D-link and Netgear:

linksys port forwarding

dlink port forwarding

netgear port forwarding

Now you will either be able to choose the service from some kind of drop down that will have a list like FTP, HTTP, TELNET, etc and if they have Remote Desktop or RDP, then choose that. Type in the IP address in the corresponding box and you’re done.

If the service does not show up in the list, then you have to either add a custom service or there will be some blank boxes where you can enter in the information. On my Linksys router, for example, I have a bunch of empty text boxes in a table.

I would enter Remote Desktop for the application name, 3389 for the internal port, 3389 for the external port, choose both TCP and UDP as the protocol, type in the IP address for the computer I want to connect to, and check the enabled box.

setup remote desktop router

On a D-link router, it’s called Private port and Public port instead of internal and external port, but it’s always the same number 3389, so you can’t get confused. On Netgear, it’s called Start port and End Port.

Now everything should be set for you to connect to your computer from outside the local network. In order to connect from outside, you will have to get your external IP address, which is simple. Just go to www.whatismyip.com and it will give you your external IP address.

what is my ip address

 

The only issue that can come up is if your do not have a static IP address with your ISP. Most home users get a dynamic IP address that changes every so often. This makes it extremely hard to connect remotely because it will fail once the IP address changes.

In order to fix this problem, you can read my in-depth article from Online Tech Tips that talks about how to setup Dynamic DNS for remote desktop to your PC. Any questions? Post a comment! Enjoy!

More posts from the Networking Category

DNS forwarder

Adding DNS query forwarding IP addresses in Windows 2003 DNS Server

configure router remote desktop

How to Configure a Router for Remote Desktop

Remotely Accessing a Windows XP or Windows Server 2003 Computer

How to Control HTTP Proxies using Proxy.pac

Popular Posts This Month

event id

Fix Windows 8 App Opens Then Closes

runas command

5 Windows Alternatives to the Linux sudo Command

5 Utilities for Changing DNS Servers in Windows Reviewed

windows defender

Windows Defender vs. Security Essentials vs Safety Scanner

  1. briank says:

    This a well written and technically accurate walk-thru, but I would seriously caution against allowing RDP across the Internet. While the RDP protocol is encrypted, it is susceptible to MITM (Man-in-the-middle) attacks because it has no means to verify the host. Also, if the local administrator account is enabled and has the default name, attackers can guess at the password all day and will never get locked out.

    Encapsulating the RDP traffic into a certificate based VPN or SSH tunnel is resolves both of these issues. Personally, I use PuTTY to SSH into my router (Linksys WRT-54G running DD-WRT v24 firmware) and then open. PuTTY is configured to forward local port 3390 to port 3389 on my home computer, so all the traffic goes through the SSH tunnel. When using SSH over the Internet, always make sure to use certificate authentication.

  2. Aseem says:

    Hi Brian,

    That is definitely a more secure way to connect to a home computer using Remote Desktop. I used certificates when connecting to a server at my office.

    I wrote about this method for the common man because setting up SSH or a VPN is technically pretty hard. I would suggest people use complex and strong passwords if they do end up using Remote Desktop without SSH or VPN.

  3. [...] I wrote a post on how to configure a router for remote desktop, which went through the steps of logging into your wireless router and forwarding the appropriate [...]

  4. TonyM says:

    Hi Aseem – thanks for a great article – they don’t make this easy, do they?! I still have a couple of problems – (1) the computer I’m trying to connect to is on a Netgear router hooked to a cable modem, so the IP address I get from ‘what is my IP address’ is the router, I think, because it’s the same for all computers on the network. Can you tell me how I get through the router to the specific computer? (2) then at the home end, I’ve got a Linksys router, which has a ‘port range forward’ facility, but like the example in your illustration, the only variable is the last digit – this suggests that it in fact wants to know the IP address allocated to my PC from the Linksys, because the ‘default gateway’ IP on the Netgear (at the office), whilst similar, has one digit different – one that can’t be changed on the Linksys setup page. Thanks for your help.

  5. rochak says:

    I want to enable port forwarding on my router. I have dynamic IP so I have got a static dns created for myself (using dynDNS). Now, how do I enter the dns name in my linksys port forwarding page? As per your screenshot also, linksys only allows portforwarding by entering IP numbers!! where do I enter my dns name?

    pls help . thanks

  6. ArkBark says:

    (Encapsulating the RDP traffic into a certificate based VPN or SSH tunnel is resolves both of these issues. Personally, I use PuTTY to SSH into my router (Linksys WRT-54G running DD-WRT v24 firmware) and then open. PuTTY is configured to forward local port 3390 to port 3389 on my home computer, so all the traffic goes through the SSH tunnel. When using SSH over the Internet, always make sure to use certificate authentication.)

    Can you explain how: PuTTY is configured to forward local port 3390 to port 3389 on my home computer, so all the traffic goes through the SSH tunnel. When using SSH over the Internet, always make sure to use certificate authentication.

    This will be very useful…..

    Thanks

  7. How can I setup a dual router – 1 open and the 2 close – 2 is connected to the modem

    1 is netgear

    2 is linksys

    I put 2 with wpa

    1 is open/free wifi

    but if I connect the 1 to the 2 I can see all the machine when using the 1 for internet

    Thanks

  8. Sacha says:

    Hi,

    I'm trying to figure out how to open ports on my planet4401 router, but I don't see it! Can't even find anything that looks similar to what is in this guide…anyone know?

  9. [...] that is not on the same network, i.e. across the Internet, the only thing you have to do is configure your router for remote desktop access and use the public IP address of the computer you want to connect [...]

  10. Tony says:

    Networking is not my strong point, but I can follow the directions in this article for the most part. I am able to log into my router, but my confusion is with the following: "I would enter Remote Desktop for the application name, 3389 for the internal port, 3389 for the external port, choose both TCP and UDP as the protocol, type in the IP address for the computer I want to connect to, and check the enabled box.

    Specifically, what is the "type in the IP address for the computer I want to connect to"? The example shows '123', but where did that number come from?

  11. [...] Try following the steps listed in the following web page How to configure a router for remote desktop [...]

  12. Ravis says:

    Is there any way to download a configuration file for my router that I can just click and run? I cannot do this myself!!!

  13. tiem275 says:

    Thanks for the clear instructions! Remote desktop is working like a charm!

  14. fullafrisky says:

    I am confused regarding the IP address to enter to configure my lynksys router for RDP. My IP address is not the IP defaulted by the router. The configuration menu only allows the last thee digits to be entered (you entered 123 as an example). I am sure it is very simple, but I don't get it.

  15. Welber says:

    Muito bem explicado mas o meu e um D-link 500b e nao consgui ja fiz tudo, posso esta deixando de fazer alguma coisa voce poderia me ajudar com isso, passando passo a passo.

  16. josuroja says:

    very good guide on remote desktop…thanks

  17. mikez says:

    I have my router configured as outlined above. I can connect via local network with my iPhone, however, when I try from the outside I get a connection failure error? Is 3G too slow to establish a connection? Do I need to be wifi?

  18. Tushar says:

    The initial Cisco router configuration of the console port, you will be accessing routers on your network using telnet sessions. Telnet is an IP-based application; your routers will need to be configured with at least one private IP address to use this method. That router will need a virtual terminal (vty) password configured. If not, any connection attempts will be refused by the router.

    Telnet configuration Command –
    (config)#line vty 0 4
    (config-line)#password XYZ
    (config-line)#login
    (config-line)#

    Thanks,
    Tushar

  19. iknight8 says:

    Ok the port forwarding part, i did everything as the screen shot shows but for the "IP address for the computer I want to connect to" i can just put a random number?

    Also on the remote client which IP address should i use to connect to the remote desktop machine, Because everytime i try to connect it says "Service not started"

    P.s. i have a Netgear router.

    Thanks!

  20. daniel says:

    :l i can get all the way down to were i enter the RDP and the 3389 numbers but it wont let me enable it :/ how do i fix this on a emachines desktop?

  21. JasonH says:

    You would need to configure a port forward for each computer with different public/external ports. For example comp1 is X.X.X.100 and comp2 is X.X.X.101.

    ExternalIP:3333 forward to X.X.X.100:3389

    ExternalIP:4444 forward to X.X.X.101:3389

    In the client just include the port number you’re trying to connect to.

    You still might want to look into something more secure.

  22. colin zim says:

    How does one connect Remote Desktop using a Network switch – NOT A ROUTER ?

  23. Rajhul says:

    Now I’m getting same IP in the IP Address and Default Gateway fields! Now what should I do? Please help to resolve.

  24. jaime says:

    You can also check port forwarding at :

    http://www.portcheckers.com

Leave a Reply