NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

bbryan's avatar
bbryan
Tutor
Nov 18, 2019
Solved

C3000-100NAS remote access

I have three computers on my network in my business. I use a C3000-100NAS Router/Modem. I want to connect to them using Remote Desktop from other locations. They all three have static IP addresses. I...
  • antinode's avatar
    antinode
    Nov 18, 2019

    > [...] They all three have static IP addresses. [...]

     

       LAN IP addresses?  Do you mean actual static addresses (configured on
    the computers themselves), or reserved dynamic addresses (configured on
    (the DHCP server on) the C3000 router section)?

     

    > [...] I can forward Port 3389 to one of them [...]

     

       True, but you can forward other ports to the other two systems (or,
    as I'd advise, to all three).

     

    > [...] I use Remote Desktop App [...]

     

       On what, another Windows system, or a Mac, or some other?

     

    > [...] and apparently are restritcted to that particular port.

     

       Not so.  You can specify a different port number in the "PC name"
    field where your connection is defined.


       You might, for example, specify port-forwarding rules like the
    following (all TCP):

     

                 Ports
          External   Internal   Server Address

            14389       3389      PC1_LAN_addr
            14390       3389      PC2_LAN_addr
            14391       3389      PC3_LAN_addr


       On the client side, you'd specify a "PC name" like:

     

          <your_public_IP_address>:14389
          <your_public_IP_address>:14390
          <your_public_IP_address>:14391

     

       When exposing a well-known service like Remote Desktop to the outside
    world, I would not use the default port (externally).  Why make it
    easier for a lazy attacker to guess the right port?

     

       I believe that it's also possible to configure the Remote Desktop
    server on each system to use a non-default port, but I'd prefer to keep
    things simple for intra-LAN communication, and let the router translate
    the odd-ball external port numbers for external traffic.

antinode's avatar
antinode
Guru
Nov 18, 2019

> [...] They all three have static IP addresses. [...]

 

   LAN IP addresses?  Do you mean actual static addresses (configured on
the computers themselves), or reserved dynamic addresses (configured on
(the DHCP server on) the C3000 router section)?

 

> [...] I can forward Port 3389 to one of them [...]

 

   True, but you can forward other ports to the other two systems (or,
as I'd advise, to all three).

 

> [...] I use Remote Desktop App [...]

 

   On what, another Windows system, or a Mac, or some other?

 

> [...] and apparently are restritcted to that particular port.

 

   Not so.  You can specify a different port number in the "PC name"
field where your connection is defined.


   You might, for example, specify port-forwarding rules like the
following (all TCP):

 

             Ports
      External   Internal   Server Address

        14389       3389      PC1_LAN_addr
        14390       3389      PC2_LAN_addr
        14391       3389      PC3_LAN_addr


   On the client side, you'd specify a "PC name" like:

 

      <your_public_IP_address>:14389
      <your_public_IP_address>:14390
      <your_public_IP_address>:14391

 

   When exposing a well-known service like Remote Desktop to the outside
world, I would not use the default port (externally).  Why make it
easier for a lazy attacker to guess the right port?

 

   I believe that it's also possible to configure the Remote Desktop
server on each system to use a non-default port, but I'd prefer to keep
things simple for intra-LAN communication, and let the router translate
the odd-ball external port numbers for external traffic.

bbryan's avatar
bbryan
Tutor
Nov 26, 2019

Thanks for the information, was able to configure my system with your help. Solution worked.