Basic port forwarding... what am I missing?

[Reckoning]

Hello,

I'm trying to setup port forwarding to have access to my home PC while not at home.

Here's what I've done:

• Gave my PC a static IP
• Logged into my router and under the "Port Forwarding" section I sent traffic on 3389 to my static I set
• Went into Windows Firewall and allowed the Remote Desktop option
• Went into the Remote settings for Windows and allowed the "Allow remote connections to this computer"
• Got my public IP and enter it into an RDP session and I get "Remote Desktop can't connect to the remote computer for on of these reasons:
  1) Remote access to the server is not enabled
  2) The remote computer is turned off
  3) The remote computer is not available on the network

I can ping my public IP... I don't know what I'm missing.

 

[johnb35]

Why not just use teamviewer?

www.teamviewer.com

 

[Reckoning]

That may be the better options but at this point... I just want to know what I did wrong here.

 

[Geoff]

Can you connect to that PC over your LAN? If so, you can rule out a configuration problem on the PC. In your router, did you select TCP, UDP, or both for 3389?

 

[Agent Smith]

I would never use RDP. Use Teamviewer.

As far as what went wrong it could be a whole host of things. NetBIOS, improper configuration, who knows.

 

[Reckoning]

Yes I can get to it on my LAN. Both TCP and UDP open.

 

[Reckoning]

Ok I got it to work but hopefully it makes more sense to you guys.

I had to set a "Virtual Server" and forward a public port to a private port (3389 for RDP) and it now works.

Any ideas why normal port forwarding wouldn't work but a virtual server setup would?

 

[Homenet]

Some routers use different terminology. For example on some drayteks it appears there are 3 different places you can configure port forwarding, whereas it only works under 'virtual servers'.

 

[beers]

I would never use RDP. Use Teamviewer.

Why not? RDP provides its own encryption and you don't have to rely on your data going through an external company in order for you to connect.

Ok I got it to work but hopefully it makes more sense to you guys.

I had to set a "Virtual Server" and forward a public port to a private port (3389 for RDP) and it now works.

Any ideas why normal port forwarding wouldn't work but a virtual server setup would?

At least you got it sorted out

Depends on the router itself. Usually you need to port forward to traverse the layer of NAT that faces the internet, so you would be as you said for forwarding a public port to a private port. Some routers call them different things, which specific device do you have out of curiosity?

 

[Agent Smith]

http://searchsecurity.techtarget.co...o-Microsoft-RDP-security-secure-remote-access

 

[beers]

Those articles were from around 2012 and have been patched.

If you're really that paranoid I would think Teamviewer would scare you more since all of your session data goes through an external party at an application layer instead of just having a direct connection.

 

[Agent Smith]

Teamviwer is encrypted with AES 256.

 

[beers]

Teamviwer is encrypted with AES 256.

Sigh.