2

I have a 2008 R2 with AD, DHCP, RDS - The server acts as a router for the internal network. I'm trying to connect through RDP from the internet to computers on the internal network through RDS. How can I achieve this?

Theveloper
  • 164
  • 2
  • 11

3 Answers3

7

You best bet would be Remote Desktop Gateway (or Terminal Services Gateway). This creates a gateway via port 443 to allow you to access Remote Desktop Servers (this includes Windows Professional/Ultimate edition workstations offering RD access) behind the gateway. It also allows you to control who can get to where using Authorization Policies, which is much better than just opening up ports on your firewall.

Since it uses TLS, you would need a certificate your RD clients trust to avoid warnings on each connection setup.

the-wabbit
  • 40,737
  • 13
  • 111
  • 174
MikeAWood
  • 2,566
  • 1
  • 13
  • 13
  • thanks for the edits.. I need to work on being more complete when I answer questions on here. – MikeAWood Apr 16 '12 at 05:23
  • Can you go a bit more indepth on actual configuration Mike? Or point me to somewhere that shows how to achieve this config – Theveloper Apr 16 '12 at 15:20
  • Remote Desktop Gateway is a Server Role under Remote Desktop Services in Windows Server 2008. A Step by Step from Microsoft can be found here http://www.microsoft.com/download/en/details.aspx?id=5177 Start there and let us know how far you get. – MikeAWood Apr 17 '12 at 01:37
2

RDP to the RDS server. RDP ("jump") from that one to the next

Mathias R. Jessen
  • 25,161
  • 4
  • 63
  • 95
2

If there are only a few of them you could forward ports. One excellent way to do this in linux is to use SSH to forward the port dynamically; I don't know if windows has any like facility.

You could also use internet-routeable ("real") IP addresses on your internal network and allow RDP through the firewall.

Falcon Momot
  • 25,244
  • 15
  • 63
  • 92