Archive for the ‘Tutorials Microsoft’ Category

Thursday, October 12th, 2006

Now being in the IT business there is always a need to be able to control multiple computers remotely. I have found that Remote Desktop built into Windows XP is by far the best way to accomplish this act. The other issue is that when working behind a firewall all the desktops use the same port, 3389, for RDP and is not a configurable option. This poses a question, How do we manage multiple workstations behind a firewall with RDP?Sure we could setup one of the workstation with RDP and then connect to that one and hop to the next one, but now you are 1. Tying up two machines and 2. The connection speed is very slow when hoping like that.We could also use less secure, and less functional options like PC anywhere or VNC, which are not out of the question, but for ease of use and overall performance RDP is the way to go. Be aware opening your PC’s to the outside world involves a certain amount of risk. Please research and weigh those risks out yourself.I will cover the steps to take to setup RDP on mupltiple computers through a firewall.I assume that you are familar with your router and how it handles port management and so on…. if you dont, come back soon and I will post another tutorial on how that is done with poplular routers on the market.Step 1 – The first thing that I usually do is setup a free dnsdyn.com account for the public IP address of the network I’m working on. This allows me to easily remember the DNS name I setup as opposed to the IP address. Go to http://dyndns.com and setup a DNS account to point to your Public IP address. If you do not know your public address you can surf to the following web address on any of the computers on this network: Http://whatismyip.com .For this tutorial I will use company.dyndns.com for the DNS name you will setup with themStep 2 - Lets assume the network we are working on has 4 workstations and 1 server. Leave the server alone and turn on remote desktop. This server will now listen on port 3389 for RDP connections. When we launch our remote desktop connection and put in ‘company.dyndns.com’ it will connect to the server.Now how do we directly connect to the 4 internal workstations without doing the hop technique?? What we will need to do is set each of those workstaions with an static ip address so they do not change when rebooted, or loss of power etc.. (Below is an example setup)Server1 – 192.168.1.100WS1 – 192.168.1.101WS2 – 192.168.1.102WS3 – 192.168.1.103WS4 – 192.168.1.104Step 3 – Now that we have static IP addresses setup on each machine we need to get them all to listen to 4 different ports for RDP traffic and then tell the router to forward that traffic to each one of these machines on there respected ports.We are going to need to edit the registry on each of the machines. If you have never edited the registry before, please be advised it can be very dangerous to the machine if done incorrectly. We are not responsible for any issues that may be caused if done incorrectly.Go to each machine and prefrom the following steps:1. Start > run > type “regedit” and hit enter. (Figure 1)This will bring up the registry editor. (Figure 2)(Figure 1)(Figure 2)Click here for Figure 2 image.At this time I would highly suggest backing up your registry.Highlight the my computer entry like in Figure 2 and then click File > ExportSave it to your desktop. Now we are ready to edit.Navigate to the following registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TcpIn the right window pane you should see the following entry (Figure 3):(Figure 3)Click here for figure 3 image.You can now see the Hex value of the key and the number 3389. This is what needs to be changed on each machine to a different port number.Step 4 – Double click that key and you will get a small window that pops up, click the radio button next to decimal as shown in (Figure 4) and then click ok and close the registry editor(Figure 4)For each machine this port will be different. Lets use my example workstations as follows, change the registry entry for all workstations to different ports and restart them all.WS1 – 192.168.1.101 – Port 3390WS2 – 192.168.1.102 – Port 3391WS3 – 192.168.1.103 – Port 3392WS4 – 192.168.1.104 – Port 3393Now keep track of which port goes to what machine. Make sure you restart all your computers for it to take effect, and also make sure RDP is active on the machines and the Windows firewall is not blocking it.Step 5 – Login into your router and setup port forwarding to match the above list (or however you set it up).Now test. When you go to connect to workstation 1 you will use your new dyndns:port. Example in (Figure 5) will connect to WS1:(Figure 5)Now you should be all set!!I hope this helps some of you out there!NEPCW

Filed under Tutorials Microsoft | Comments Off

Thursday, October 12th, 2006

What I will cover in the tutorial is how to enable the built in firewall in Windows XP (Pro and Home).

Using a firewall is added protection for your computer, esp if you are connected to a broadband connection.

(google)Define:Firewall:
A firewall is a hardware or software solution to enforce security policies. In the physical security analogy, a firewall is equivalent to a door lock on a perimeter door or on a door to a room inside of the building – it permits only authorized users such as those with a key or access card to enter. A firewall has built-in filters that can disallow unauthorized or potentially dangerous material from entering the system. It also logs attempted intrusions.

Step1 - Start and login to your computer

Step2 – On the desktop right click the “My Network Places” icon (Figure 1) and in the drop down menu, left click properties. This will bring up your network connections (Figure 2)

(Figure 1)

(Figure 2)

**If you do not see My Network Places on the desktop, click start menu and you should see it there**

Step 3 – Once you have the network connections windows up, you want to right click on the Local Area Network icon and go to properties. Another window will pop up with three tabs, you want to go to the last tab “Adavanced” and click the “Settings” button. (Figure 3)

(Figure 3)

Step 4 – Once in there you will see two different radio button options for on and off. Choose on, and put a check mark in the “Don’t Allow Exceptions”(Figure 4). What this will do is turn your firewall on and not allow any exceptions to the firewall rules. In a later tutorial we will cover exceptions and advanced firewall options. For now this is the basic firewall setup.
now click ok and ok and your firewall is active!

(Figure 4)

Come back soon for more in depth look at the Windows firewall!

NEPCW