IPAddr

Setting up Remote Access using Windows Remote Desktop Client

The easiest way to enable remote access to your system is to use either Microsoft Remote Desktop Client to access it over the internet.

Windows Server 2000 and 2003 both allow up to two remote access sessions to connect to them at the same time as well as having someone ALSO using the normal console session by sitting at the computer itself so you can have up to three people using the one computer at the same time. All three of these users need to be administrators though as normal users are not allowed to use or connect to the server.

Windows XP Professional computers can also support ONE remote connection to them but when the remote connection is in use the local session is disabled and so, while you can access them remotely, only one person can be using a Windows XP-Pro computer at a time. So you could (if you leave it turned on when you go home) access your Windows-XP-Pro computer at work from your home computer as if you were actually sitting right in front of it.

If you need to support more than two remote users at the same time then you can install a Windows Terminal Server. This can be a Windows 2000 or Windows 2003 standard server. You can't use Windows Small Business Server edition software as a terminal server. A terminal server computer will allow as many connections to it as you have licenses for, so you can support many remote users.

The computer at the user end doesn't have to be anything flash. It can be a Windows XP (Professional or Home edition), a Windows 95 or Windows 98 computer or even a Macintosh (see http://www.microsoft.com/mac) or Linux (GNU licensed rdesktop program) computer. If you are using a Windows XP computer the Remote Desktop Client software is already installed when windows is installed but for Windows 95, 98 or 2000 you need to download (for free) and install the Microsoft Remote Desktop Client software.

If you are using a Macintosh then you need to download (for free) and install www.microsoft.com/mac/download/misc/RDC.asp which requires Mac OS X version 10.2.8 or higher.

If you are using Linux you will need the rdesktop client program which is often supplied with the Linux distribution but which can be downloaded for free from http://www.jacco2.dds.nl/rdesktop/index.html

One final way to connect is to use a Windows "Thin Client" computer which is a computer with a keyboard, monitor and mouse but not much else. They usually have Printer and USB ports and may have serial ports but they don't have (or require) a hard disk, floppy disk or CD drive. These computers cannot be used by themselves as their sole purpose is to run their built in remote desktop software and connect to another computer.

If you just use the remote desktop software to connect then there are a number of security issues as your user name and password will be sent in clear text (a readable format) to the remote computer for validation. To provide greater security you should use a VPN (Virtual Private Network) connection if you are accessing computers via the internet. A VPN provides an encrypted "tunnel" for your data to use to travel through the internet and so what you type cannot be intercepted by hackers.

If you want to set up a VPN tunnel from your home to your work then the best way to do this is to use a hardware VPN where your ADSL router creates the VPN with the ADSL router at your work. This doesn't require any software on your computers and it will be working regardless of whether your computer is turned on or not.

If you move around or need to be able to access the network from multiple locations then you need to use a software VPN between your client computer and the remote computer it is accessing. You an create a software VPN between two XP computers or between an XP computer and a Windows 2000 or 2003 server computer.

Once your VPN is up and running then you can use the normal remote desktop software to connect as if your computer was physically connected to the same network as the remote computer - you can ignore the fact that the internet is stuck in the middle.

To create a VPN the IP subnets at each end of the VPN need to be different. Normally in a local area network all of the computers in that network have IP addresses where the first 3 sets of numbers and the same and the last set of numbers MUST be different. Eg 192.168.1.0, 192.168.1.5, 192.168.1.250 are all on the same 192.168.1.x subnet. At the other end of the VPN they would need to be on a different subnet eg 192.168.10.1, 192.168.10.45 etc are all on the 192.168.10.x subnet or they could be 10.0.2.1, 10.0.2.54, 10.0.2.67 which are all on the 10.0.2.x subnet.