Intra LAN Remote Desktop URL?

[seekermeister]

From a discussion that I had in a previous thread, some time back, I understand that it is possible to use RDP within a LAN, yet blocking port 3389 to prevent anyone from using this to access the computers from the internet. However, looking at the tutorial and what I found poking around the settings, it appears that it requires a link, such as http://**** to connect. What would one use there to link to another computer within the LAN?

 

[Kari]

The IP-address, for example http://192.168.0.10.

Kari

 

[aem]

From a discussion that I had in a previous thread, some time back, I understand that it is possible to use RDP within a LAN, yet blocking port 3389 to prevent anyone from using this to access the computers from the internet. However, looking at the tutorial and what I found poking around the settings, it appears that it requires a link, such as http://**** to connect. What would one use there to link to another computer within the LAN?

If you setup your machine as a web server for example, you would install IIS and host your website on it. From there you would access the website using http://.

 

[acurasd]

You only need to put the IP address

192.168.2.1

or something like that.... that will be suffcient for Remote desktop.

now for instance... if you have the 3389 blocked. You are going to have to manually change the port on each computer on a port that is open and of course use this:

192.168.2.1:89

if you changed the port to 89

 

[seekermeister]

The IP-address, for example http://192.168.0.10.

Kari

Thanks, that is exactly the kind of answer that I can handle...simple and to the point. Now what I have to figure out is how to block port 3389. Is this something that I do in the firewall or somewhere in the OS?

 

[seekermeister]

Something is screwball. When I entered http://192.168.1.155, which is the IPv4 address of my secondary rig, it replies by saying that I must use http:// and try again. Why doesn't it see what I have typed?

 

[ultraplanet]

Are you using Internet Explorer or Remote Desktop Connection?

 

[brady]

Why block the internal use of RDP port? why not simply block the "incoming" connections to that port on the firewall thus removing the vulnerability that way, while maintaining your rdp access.

 

[seekermeister]

Are you using Internet Explorer or Remote Desktop Connection?

That is a different wizard than what I found in Control Panel>Remote Apps And Desktop Connections. When I enter the IP as you have with the http://, it doesn't complain about that, but it still says that it can't connect, as shown in the attachment below. Since the computers do see each other in Network, I don't understand how it is being blocked?

 

[seekermeister]

Why block the internal use of RDP port? why not simply block the "incoming" connections to that port on the firewall thus removing the vulnerability that way, while maintaining your rdp access.

I'm under the impression that the only thing that I have blocked is external access via RDP. If you believe otherwise, please elaborate.

 

[seekermeister]

You only need to put the IP address

192.168.2.1

or something like that.... that will be suffcient for Remote desktop.

now for instance... if you have the 3389 blocked. You are going to have to manually change the port on each computer on a port that is open and of course use this:

192.168.2.1:89

if you changed the port to 89

I understand what you are saying, but according to the people that I spoke with on the Outpost Forum, what I did was only to block 3389 to the outside world, not internal access. Here is a link to the thread in question, maybe I misunderstood something:

Blocking Port 3389 - Outpost Users Support Forum

 

[seekermeister]

Entering "remote" into the Start Menu's search window, I found a point in System Properties to enable RDP access, but when I tried to do so, it complained that without Windows Firewall being enabled, it couldn't enable RDP. I have it disabled, because I prefer using Outpost. Although I know that it had worked with both firewall enabled in the past, I didn't think it was a good idea to leave it that way, because that would actually make 3 firewalls when counting the one in my router. Is there a way to enable RDP without the firewall?

 

[brady]

Why block the internal use of RDP port? why not simply block the "incoming" connections to that port on the firewall thus removing the vulnerability that way, while maintaining your rdp access.

I'm under the impression that the only thing that I have blocked is external access via RDP. If you believe otherwise, please elaborate.

From what I've read in this forum and on outpost is that you're making mods to your windows firewall... Thus "outside" connections include your current network. I just double checked the default RDP rules and I don't see a way to exclude internal subnet but it may be possible.

 

[seekermeister]

Why block the internal use of RDP port? why not simply block the "incoming" connections to that port on the firewall thus removing the vulnerability that way, while maintaining your rdp access.

I'm under the impression that the only thing that I have blocked is external access via RDP. If you believe otherwise, please elaborate.

From what I've read in this forum and on outpost is that you're making mods to your windows firewall... Thus "outside" connections include your current network. I just double checked the default RDP rules and I don't see a way to exclude internal subnet but it may be possible.

The only mods that I have made are those to the Outpost firewall, not Windows Firewall. As I mentioned in a post just above, the Windows Firewall is disabled entirely. I'm totally new to the entire concept of networks and RDP, outside of what has been said in this thread, and the Outpost thread, thus my confusion is growing larger and larger, rather than clearing. What may seem like a clear statement to you, means nothing to me, such as the one about excluding an internal subnet. If you want me to understand, put it in plain english, without making any assumption about my prior understanding.