Windows Remote Desktop

OhioDon · 09-15-2011, 09:50 AM

I would like to be able to use Windows Remote Desktop over the internet, from any location, to remote INTO a computer on my local network that is INSIDE the Untangle firewall. How do I set this up? Particularly, how do I get through the Untangle firewall? Please be as specific as possible. I have read about opening ports but I need a bit more "hand holding" if possible.

Thanks in advance!

hlarsen · 09-15-2011, 10:15 AM

don't use a port forward, use OpenVPN to connect and then remote in with the internal IP of the machine.

raditude · 09-15-2011, 10:57 AM

I second what hlarson said of OpenVPN, however I have had folks who refuse to install it and have created a port forward and locked it down to only being allowed to access from 1 or 2 IP addresses. IMHO not the best option, as that would be a VPN into the network then using RDP, but it can be done.

OhioDon · 09-22-2011, 12:00 PM

OK, I obviously have something wrong. I got through to distributing a client. The distributed key looks like this: https://untangle.companyname.local/o...23456789lkj123 When I try to put that in the browser of the computer that received the link, I get a message "Internet Explorer cannot display the webpage".

Possible problem in my Untangle Networking setup: The Hostname and the Domain Name Suffix are both companyname.local. Do those need to be something ending in .com instead of .local?

DHCP Server and DNS Server are both NOT Enabled in Untangle.

In Untangle configuration, I just tried a Connectivity Test. Says Testing DNS ... OK. Then Testing TCP Connectivity ... Failed. What does that mean?

In UT configuration, in Public Address, "Use Hostname" is checked and in "Current Hostname" is untangle.companyname.local Should this be changed to "Use External IP address"?

I fear I'm in over my head but I'd really like to get Remote Desktop working!

hlarsen · 09-22-2011, 12:43 PM

what is your setting at Config > Administration > Public Address?

OhioDon · 09-22-2011, 12:46 PM

In UT configuration, in Public Address, "Use Hostname" is checked and in "Current Hostname" is untangle.companyname.local

hlarsen · 09-22-2011, 12:52 PM

if you're in router mode, change it to the default.

if you're in bridge mode, change it to manually specify whatever your WAN IP is, then make sure to forward 1194 and whatever your External HTTPS Port (Config > Administration) from your edge device to the Untangle.

OhioDon · 09-22-2011, 01:33 PM

I'm in Router Mode so I changed that to default.

When I used the emailed link, it gave me a message "There is a problem with this website's security certificate." I did continue anyway... I went on through the setup... and NOW IT WORKS!!! THANK YOU!!!

Two more questions:
1. Does the OpenVPN client I installed with the emailed link basically "open a hole" into my company network through UT? (Which then allows me to use remote desktop)
2. Does this make me more vulnerable to being hacked?

09-15-2011, 09:50 AM	#1 (permalink)
OhioDon Untangler Join Date: Sep 2007 Posts: 43	Windows Remote Desktop I would like to be able to use Windows Remote Desktop over the internet, from any location, to remote INTO a computer on my local network that is INSIDE the Untangle firewall. How do I set this up? Particularly, how do I get through the Untangle firewall? Please be as specific as possible. I have read about opening ports but I need a bit more "hand holding" if possible. Thanks in advance!

09-15-2011, 10:15 AM	#2 (permalink)
hlarsen Join Date: Jul 2010 Location: sfba URLs submitted: 1 Posts: 1,137	don't use a port forward, use OpenVPN to connect and then remote in with the internal IP of the machine. __________________ Attention: Support on the Untangle Forums is provided by volunteers and community members. If you need official Untangle support please call or email support@untangle.com.

09-22-2011, 12:00 PM	#4 (permalink)
OhioDon Untangler Join Date: Sep 2007 Posts: 43	OK, I obviously have something wrong. I got through to distributing a client. The distributed key looks like this: https://untangle.companyname.local/o...23456789lkj123 When I try to put that in the browser of the computer that received the link, I get a message "Internet Explorer cannot display the webpage". Possible problem in my Untangle Networking setup: The Hostname and the Domain Name Suffix are both companyname.local. Do those need to be something ending in .com instead of .local? DHCP Server and DNS Server are both NOT Enabled in Untangle. In Untangle configuration, I just tried a Connectivity Test. Says Testing DNS ... OK. Then Testing TCP Connectivity ... Failed. What does that mean? In UT configuration, in Public Address, "Use Hostname" is checked and in "Current Hostname" is untangle.companyname.local Should this be changed to "Use External IP address"? I fear I'm in over my head but I'd really like to get Remote Desktop working! Last edited by OhioDon; 09-22-2011 at 12:39 PM..

09-22-2011, 12:43 PM	#5 (permalink)
hlarsen Join Date: Jul 2010 Location: sfba URLs submitted: 1 Posts: 1,137	what is your setting at Config > Administration > Public Address? __________________ Attention: Support on the Untangle Forums is provided by volunteers and community members. If you need official Untangle support please call or email support@untangle.com.

09-22-2011, 12:52 PM	#7 (permalink)
hlarsen Join Date: Jul 2010 Location: sfba URLs submitted: 1 Posts: 1,137	if you're in router mode, change it to the default. if you're in bridge mode, change it to manually specify whatever your WAN IP is, then make sure to forward 1194 and whatever your External HTTPS Port (Config > Administration) from your edge device to the Untangle. __________________ Attention: Support on the Untangle Forums is provided by volunteers and community members. If you need official Untangle support please call or email support@untangle.com.

Protect

Filter

Perform

Connect

Manage

Add-Ons

09-15-2011, 10:57 AM	#3 (permalink)
raditude Join Date: Jan 2009 Location: Eugene, OR Posts: 1,112	I second what hlarson said of OpenVPN, however I have had folks who refuse to install it and have created a port forward and locked it down to only being allowed to access from 1 or 2 IP addresses. IMHO not the best option, as that would be a VPN into the network then using RDP, but it can be done.

09-22-2011, 12:46 PM	#6 (permalink)
OhioDon Untangler Join Date: Sep 2007 Posts: 43	In UT configuration, in Public Address, "Use Hostname" is checked and in "Current Hostname" is untangle.companyname.local

09-22-2011, 01:33 PM	#8 (permalink)
OhioDon Untangler Join Date: Sep 2007 Posts: 43	I'm in Router Mode so I changed that to default. When I used the emailed link, it gave me a message "There is a problem with this website's security certificate." I did continue anyway... I went on through the setup... and NOW IT WORKS!!! THANK YOU!!! Two more questions: 1. Does the OpenVPN client I installed with the emailed link basically "open a hole" into my company network through UT? (Which then allows me to use remote desktop) 2. Does this make me more vulnerable to being hacked?