The new forums will be named Coin Return (based on the most recent vote)! You can check on the status and timeline of the transition to the new forums here.
The Guiding Principles and New Rules document is now in effect.
Remote Desktop over the Internets
Airan
Registered User regular
Registered User regular
So I've discovered the wonders of Remote Desktop through work, and would like to try this out at home. I have a laptop from work and a personal desktop machine, both WinXP Pro. I would like to RDP into my desktop from my laptop through the internet, how would I do this? I'm running my desktop through a firewalled router, if that helps any.
I have tried VNC, but I like the ability to lock my desktop while I'm RD'ing to it - something I can't seem to do in the free version of VNC (or I haven't found the option yet).
I'm also assuming it's not particularly safe to be transferring unencrypted passwords over the internet, or rather, just running RD isn't secure enough, so I was wondering if Hamachi VPN be a viable solution for a 'secure' connection?
My only main requirement is that I can have my desktop locked while I'm remoting to it, that is all.
I have tried VNC, but I like the ability to lock my desktop while I'm RD'ing to it - something I can't seem to do in the free version of VNC (or I haven't found the option yet).
I'm also assuming it's not particularly safe to be transferring unencrypted passwords over the internet, or rather, just running RD isn't secure enough, so I was wondering if Hamachi VPN be a viable solution for a 'secure' connection?
My only main requirement is that I can have my desktop locked while I'm remoting to it, that is all.
Airan on
0
Posts
Obviously, that opens it up to everyone. So a VPN of some sort (Hamachi would probably be the easiest) might be an idea if you're security conscious. I have no idea of any operational considerations with Hamachi and RDP as I've never used Hamachi personally, but I imagine it should be fine.
I haven't had any funky security results as of yet BUT with Hamtachi the other day I was playing with it and noticed someone NOT me in my network (mounted to my mac at home). So take that for a word of warning.
For security reasons i'd advise you have a static ip address for home and work (if you don't already), that way you can port forward 3389 (or alternately a different port, it doesn't have to be 3389 as long as you give the address in the form of address.com:12345).
I do that for work, for example we have an ip range and I have port 3389 opened only to my homes static ip address. (in otherwords, only I can connect via terminal services remotely) And vice versa, I can connect to my home machine from work only from works ip address.
Also, on vnc.. Use tightvnc with the dfmirage mirror display driver. The performance is astounding. It blew me away when I used it. (the performance over a low bandwidth connection etc was incredible) All other VNC daemons/servers are pitiful in comparison.
I actually cannot emphasize this enough, if you use vnc use tightvnc and dfmirage. It slaps around realvnc and all the others.
---
I've got a spare copy of Portal, if anyone wants it message me.
I also can't enable a static IP since I don't own the broadband connection. How would you restrict a port to be accessed by one ip only???
I'll take what you wrote in mind useless4, but I'll carry on with Hamachi all the same to see how it works out.
[edit] Well ok, I just tried Hamachi, and using the Hamachi IP, it doesn't work. This is going to be a lot trickier than expected....
Hmm, you could enable the following two options on the tightvnc server: "No local input during client sessions" and "Blank screen on client connections" if you don't want people to watch what you're doing.
By the way, if you use tightvnc over a lan then use hextile.. the performance is so good that it is practically as good as sitting in front of the machine. If you are connecting over the internet then use the tight protocol and whatever level of jpeg compression you feel is necessary. (depending on the internet connection speed)
I installed tightvnc with dfmirage on all workstations at work because on a lan it actually works better than using remote desktop, you can talk to users over the phone and show them what you're doing (if you need to) to explain something or other.
Oh and if you need to you can get it so tightvnc launches silently on startup with no systray icon.
---
I've got a spare copy of Portal, if anyone wants it message me.
[edit]Am I correct in assuming the dfmirage driver is already installed with tightVNC, or should I download it separately?
www.mesh.com
lets you connect to your other windows boxes (mac and mobile coming soon) and you get online storage you can sync up between them
You can download the latest RDP client from Microsoft. Anyway, it's fairly backwards compatible. I've connected to Vista from XP in the past without problems. There are also plenty of remote desktop clients around for Linux and Mac OS X if you need to also access them from a different OS. (they mostly use rdesktop)
You need to download dfmirage separately (it's linked to on the tightvnc download page) and make sure it's enabled in the tightvnc server settings. It gives a MASSIVE performance boost. It hooks into the display driver and rather efficiently is able to detect what's updated on the screen and what hasn't and just send the bit of the screen that has updated rather than the vnc norm of sending the entire screen.
---
I've got a spare copy of Portal, if anyone wants it message me.
He's most likely getting a security warning prompt that can just be ignored and allowed to connect anyways. Hell I can remote desktop into windows 2008 from Linux. It's just a matter of using the right RDP protocol.
You'll definitely want to limit RDP access by IP address and make sure you use a nonstandard inbound port like GrimReaper mentioned. And use as long a password as you can stand.
Even if you don't have a static IP at home, as long as it is a public ip, you may be able to get by just checking on it every so often and make sure it hasn't changed. It's very unlikely to change even if it is assigned by DHCP. I suppose you could also go the DynDNS route too. However, if your ISP gives you a NAT'd private IP on your home connection, you're SOL.
It shouldn't matter what version of RDP you are using on either end of the connection. Check that Windows Firewall isn't blocking connections to your laptop.
You can use Windows' Remote Assistance for this. But it needs to be configured in Group Policy or Local Computer Policy first at Computer Configuration\Administrative Templates\System\Remote Assistance. Once your account/group is listed in there you can use a shortcut to:
%windir%\explorer.exe hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/Unsolicitedrcui.htm"
to initiate RA sessions to other machines/users to view and/or control their computer. Has builtin chat window if you don't want to use the phone too.
Yep, I did actually use remote assistance at first. However tightvnc is that good, in comparison using remote assistance is like watching paint dry. I cannot recommend tightvnc with dfmirage highly enough. (the performance is staggering, seriously.. try it)
---
I've got a spare copy of Portal, if anyone wants it message me.
Holy shit, you're right, my typing cursor now blinks when I hold down an arrow key, as opposed to the entire image refreshing after I release input
As for the RDP mystery, I've set it to have a warning to see what the hell was going, and apparently RDP can't identify my desktop, because either 1)I'm not using Vista or 2)my RDP security layer's screwed up or something, can't remember. I haven't bothered using RDP afterwards, although I will try again eventually (TightVNC's blank screen option doesn't force my monitor to enter power save mode).
So for like, if I'm using a IP, but that IP is also being used by other customers, then I'm SOL? Our external IP only changes whenever I power cycle the router, otherwise it stays put.
I can't speak for the Windows XP RDP server, but on Windows Server 2003 it runs amazingly better than VNC for me. Also, on Windows Server 2003 you can execute the "shadow 0" command on startup which allows you to actually take over the current windows session completely, which is pretty cool for remote management.
You might also need to set your Terminal Services settings in the Group Policy Editor if you're having trouble with RDP. It's under Computer Configuration\Administrative Templates\Windows Components\Terminal Services.
Yeah I've found that I can connect to other computers, but no computer can connect to me either with games through Hamachi or now using RDP. This is seriously fustrating. The RDP throws a warning, I click 'Connect' anyway and the bar moves and moves and then stops. Nothing happens. I can click on the buttons again but no dice. I also notice that when I click it gives me a user details prompt, where older versions didn't do so. Currently I've been just typing a random number as I expect to see a login screen when I successfully connect (as with work). Do I also need to log out of the desktop to get it working?
btw: these are the guys that bought hamachi.
No, some ISP's will give their customers nonroutable private IPs in the Class A, B, or C range (10.x.x.x, 172.16.x.x, 192.168.x.x), i.e., NAT'd addresses. If your router's external IP address is not in this range then you have a routable public IP and you'll be able to connect to it just fine.
Check that Windows' firewall is not blocking these connections. This is exactly what you will see when Windows' firewall gets turned on, all outbound connections still work, but all inbound connections are cut off.
Logmein is ok but the web interface can be frustratingly slow sometimes for even simple remote tasks such as web browsing or just navigating on the host computer.
What I have done for years is forward the RDC port to my comp I want to Remote to and use No-IP so I don't have to worry about my IP address. The only problem I have had is when the No-IP client decides not to update. That seems to happen if I have not used the comp in a while. I'm talking days. It is free after all...
The simplest form of VNC works nice but it does not lock the desktop unless you specify it to. If I remember right.
Heh, VNC is what we use at work to connect to customers computers. God, that is soo much better than trying to teach them how to Right-Click.....
How does TightVNC + dfmirage compare to UltraVNC with its own display hook driver? I like UltraVNC because you can also do file transfers over it, rather handy for moving the occasional file.
Edit: I just noticed that the newest version of TightVNC now has file transfers. I guess I'm switching!