Tuesday, November 24, 2020

Enable Remote Desktop Over Internet

A remote desktop connection is a Microsoft Window build-in tool that is used to access a computer from a remote location or remote computer. This remote computer is situated can be anywhere. It can be our local LAN or it can be any location that is connected to the internet.

By default, this remote desktop service is disabled in all the versions of Microsoft Windows. To access a computer from any other of the LAN or any remote LAN that is connected to the internet, we have to enable this service. In a LAN environment to enable remote desktop, there is no extra configuration needed except enabling the service. But if the environment is WAN or if any user wants to connect to the computer, then there are some other things we have to do. That things are “Port Forwarding”.

If the remote desktop server or remote desktop service enabled computer is directly connected to the internet with one public IP address then we have nothing to do. Using the computer’s public IP address we can take easily access it. But if the computer is situated behind any firewall or any router then we have to configure port forwarding.

The port forwarding configuration process depends on vendor-specific devices. In this tutorial, we will talk about Mikrotik Router. We will discuss how to configure Mikrotik Router to allow remote desktop connection request from internet located devices. We will configure the port forwarding process for the remote desktop service. The remote desktop service is used TCP port 3389. We will forward this port from our router to a remote desktop server or remote desktop service enabled computer. If the router received any remote desktop connection request from the internet to access a computer, the router will forward it to that remote desktop service enabled computer or remote desktop server.

Now we are going to learn how to perform port forwarding on the Mikrotik router.  

In the Mikrotik router, we can achieve this task by configuring one destination NAT entry. By this entry, we are telling our router that if any request has come from the internet to reach a Remote Desktop server then forward that traffic to our internal Remote Desktop server. 

Step by step the whole process is shown graphically below.

First of all, we will go to the "NAT" option from the "Firewall" menu and there we will create a destination NAT rule.


Now go to the "General" tab and select "dstnat" as the "Chain" value. Write your public IP address at the "Dst. Address" field. Select "TCP" from the "Protocol" field. And finally, write the destination port number at the "Dst. Port" field. We know that the RDP service is working with the TCP port 3389 number.


Now we will navigate to the "Action" tab. Ant there we select "dst-nat" as "Action" value. At the "To Address" field, we will write our server IP address where the RDP service is running on. At the "To Port" field, we will write the service's port number, that our RDP server is using for that service.


Finally, click on apply and then "OK". A destination NAT entry will be added as follows.


From now on if any request has come to the router from the internet which is intended to go to the Remote Desktop server, then our router will redirect it to our internal RDP server means 10.168.1.247 IP address.

This is the whole process for Mikrotik Port Forwarding. We can call this Mikroitk Destination NAT.

No comments:

Post a Comment