Computerworld

Network Advisor: Remote access

  • Roger Gann (PC Advisor (UK))
  • 28 June, 2006 19:30

One of my favorite network admin time-savers is without doubt RDC (Remote Desktop Connection). This simple utility lets you remotely access a Windows system over a network or the web, provided it is set up to do so and you have proper access.

You open a connection to the PC and then view its virtual desktop. From here, you can access the remote computer as if it were your own: the desktop, client drives, audio sources, serial and parallel ports and printers. Even better, the local and remote computers share a clipboard, allowing data to be interchanged between applications.

So you can use it to monitor your headless server from across the office or access your PC from the other side of the world. Thanks to RDP (Remote Desktop Protocol), you can access any Windows XP Pro or Windows 2000 system from any other Windows, Pocket PC, Mac or Linux client. RDP works across any TCP/IP connection.

RDC in practice

Running RDC couldn't be simpler. To set up your PC to be remotely accessible, open the System folder in Control Panel. Under the Remote tab, check 'Allow users to connect remotely to this computer'. Ensure you have the proper permissions to connect to your computer remotely and click OK. Leave your PC running and connected to the company network with internet access.

At another PC, click Start, All Programs, Accessories, Communication, Remote Desktop Connection. You then type in the remote computer's IP address (or its network alias if both PCs are connected to the same network) and click Connect. If accepted, a window then appears displaying the remote desktop. Enter a username and password and you're done.

If you use a NAT (network address translation) router, you'll need to forward TCP port 3389 to the IP address of the remote PC. Your firewall may well block RDC -- the XP SP2 Windows Firewall can be configured to allow RDC by simply checking a box in the Exceptions tab.

The RDC client comes as standard with Windows XP Pro but the XP install CD also includes RDC clients for Windows 9x and Windows 2000 machines. Or you can download them from Microsoft.com. However, you don't actually need to use a client program -- it's possible to use Internet Explorer, courtesy of the Remote Desktop Web Connection if you wish.

Insert the Windows XP Professional CD and select 'Install additional windows components'. Highlight IIS (Internet Information Services) and click Details. Select World Wide Web services and click Details. Tick the checkbox next to Remote desktop web connection, click OK twice and then Next to install. To connect to the remote desktop from any client computer using Internet Explorer, simply type 'http://(IP address of your PC)/tsweb' to bring up the web connect dialog.

RDC tips and tricks

Having a smooth and responsive RDC is the name of the game, and here are a few things you can do to reduce the lag effect, particularly on low-bandwidth connections.

-- Color depth: Okay, it's a bit of an old chestnut, but you should consider dropping the color depth of the remote workstation -- assuming, that is, you don't need 16 million colors! This can have a huge impact on transfer speeds, resulting in quicker-responding connections.

-- Command prompt (1): You can resort to opening a command prompt instead of using Windows Explorer. Not only does the simple monochrome command line interface speed things up, but so will using DOS commands.

-- Hide windows: If you really need to have multiple programs open at once, try to keep only one program's window visible and the rest minimized. The less window movement and change there is on the remote desktop, the less data has to be transferred to your system and the less lag time you will experience.

-- No frills: Try turning all unnecessary features off. Do you really need the remote desktop's background graphic, or menu animations? Those desktop themes will just have to go. Keep things simple at your end: avoid using processor-intensive or bandwidth-intensive programs, which are guaranteed to affect the responsiveness of the RDC.

-- Easy switching: If you want Alt, Tab to switch between open windows on the remote PC, click Start, Run and type Mstsc in the dialog box. Click on the Options button and the Local Resources tab. Select 'On Remote Computer' from the Keyboard label drop-down. Click 'Connect' and you'll be able to use Alt, Tab to switch the windows opened on the remote system even when the RDC window isn't maximized.

-- Command prompt (2): If you want to connect to a terminal server via the command prompt you can do so by typing mstsc -v:servername /F -console, where 'mstsc' represents the remote desktop connection executable file, -v specifies which server to connect to, /F is for full-screen mode, and -console is there to indicate that you want to connect to the console.

-- Auto log-on: It is possible to let users automatically log on to a session without having to type their username and password each and every time they initiate a connection.

For this, two things have to be done. At the server, open the Group Policy Object Editor (gpedit.msc), double-click Administrative Templates, Windows Components, Terminal Services and then choose Encryption and Security. Open the properties box of 'Always prompt client for password upon connection' and disable it. On each client workstation, open RDC and, on the General tab, enter the log-on credentials in the appropriate boxes.

Accessing multiple PCs

Of course, RDC can only let you connect to one PC -- what happens if there are several on the network you want to connect to? The answer is to change the default port RDC listens on from each host computer. This trick also increases security: it prevents detection by anyone doing a routine scan for RDC.

To change the listening port, open the Registry and drill down to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber.

From the Edit menu, click Modify, then Decimal. The default port is 3389. Choose a new port number -- preferably a high one, say between 50000 and 65535, to avoid conflict with any other apps on your system, but you could theoretically use any port on the system. Obviously, choose a different port number for each workstation.

You'll probably also have to add a port-forwarding entry on your router for the new port of each workstation you want to connect to.

To access your computer remotely, instead of typing just the IP address, you now need to type the address followed by the port number. For example: 192.168.1.1:65000.
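The multi-PC procedure above, as an added example that is not part of the original article: Python that checks a port plan for several workstations (unique ports, none left on 3389, all within 50000-65535) and produces the `.reg` text and router forwarding entries for each. The workstation names, LAN addresses and the router address 203.0.113.5 are constructed, and `validate_plan`, `reg_file` and `forwarding_table` are hypothetical helper names.

```python
# Added example: per-workstation RDP port plan. Sample data is constructed.
import ipaddress

RDP_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control"
           r"\Terminal Server\WinStations\RDP-Tcp")
DEFAULT_PORT = 3389
PORT_RANGE = range(50000, 65536)  # range suggested in the article


def validate_plan(plan):
    """plan maps workstation name -> (LAN IP, port). Returns a list of problems."""
    problems, seen = [], {}
    for name, (ip, port) in sorted(plan.items()):
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            problems.append(f"{name}: {ip!r} is not a valid IP address")
        if port == DEFAULT_PORT:
            problems.append(f"{name}: still on default port {DEFAULT_PORT}")
        elif port not in PORT_RANGE:
            problems.append(f"{name}: port {port} outside 50000-65535")
        if port in seen:
            problems.append(f"{name}: port {port} already assigned to {seen[port]}")
        seen.setdefault(port, name)
    return problems


def reg_file(port):
    """.reg text for one host. Registry Editor's dialog accepts Decimal,
    but a .reg file stores a DWORD as eight hex digits."""
    return ("Windows Registry Editor Version 5.00\n\n"
            f"[{RDP_KEY}]\n"
            f'"PortNumber"=dword:{port:08x}\n')


def forwarding_table(plan, router_wan):
    """(external port, LAN IP, internal port, string to type into RDC)."""
    return [(port, ip, port, f"{router_wan}:{port}")
            for _, (ip, port) in sorted(plan.items())]


# Constructed sample data: two workstations behind one NAT router.
PLAN = {"ws-accounts": ("192.168.1.10", 65000), "ws-design": ("192.168.1.11", 65001)}

if __name__ == "__main__":
    print(validate_plan(PLAN) or "plan OK")
    print(reg_file(PLAN["ws-accounts"][1]))
    for row in forwarding_table(PLAN, "203.0.113.5"):  # constructed WAN address
        print(row)
```

The new port takes effect after the remote PC restarts, and its firewall needs an exception for the new TCP port as well.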