We hv a small LAN controlled by Win 2K3 server acting as DHCP/File & antivirus server. A cisco 800 series router with ISDN connection allows every PC in LAN internet access. How do l go about setting my server (that's right -- only Win 2K3 server) that it allows remotes desktop access from anywhere in the world with maximum security? Internal IP range is 200.200.1.x and 188.8.131.52 being gateway(router's IP).
Any help would be grately appreciated.
Re: Setup Remote Desktop Win 2K3 via Cisco 800 Series Router
11 years 11 months ago #21169
This can be easily setup on your Cisco 800 series router. All you need to do is setup a Static Mapping to translate the address from the outside to the inside.
As for security, this will depend on how much you think you are at risk, your type of buisness and what it would mean to your company to have a compromise. If for example you are a financial institute then i wouldn't go down this route at all and would possibly look at proper VPN connectivity with IPSec and 2 Factor Authentication. However if you are a small firm making windows or something then the risk is probably much more acceptible.
If you were to do this then i would probably set it to an unknown port number, fairly high in the range (60000+) because some attackers will only do port scans for well know services that may have vulnerabilities.
To secure it further, i would see about gettign the people who need access on a fix IP Address from home to allow you to setup ACCESS LISTS to specific IP Addresses, this will then limit who can access that port unless they are doing really advanced IP spoofing which would be very dificult over the Interent as they wouldn't really be able to get the return traffic (or lets say its very very difficult).
Finally, only enable the users who need the access to Remote Desktop into the Windows 2003 server.
Now, the static NAT translation (i call them static since i am used to the Pix )