The Ultimate Guide to Secure Remote Desktop Connections To Safely Access Your PC over the Internet
HTML-код
- Опубликовано: 8 сен 2024
- PLEASE NOTE: RDP for Windows 10 Home Edition is ONLY available in Windows 10 Fall Creator Update (1709) or later.
In this video I will show you how to very easily set up your computer and router to allow Remote Desktop connections from a remote location outside of your home or office, and how to configure and enable 128-bit encryption on the remote desktop connection so you can safely and securely access your computer from outside your network.
There are many times when I am at work and need to do something on my home computer.
With this setup I can use RDP (Remote Desktop Protocol) and Remote Desktop Connection software to connect to my home computer from work (or from a hotel if I'm travelling).
So for example, you could access your computer at home from your work computer with nothing but Remote Desktop and no other special software and take advantage of the awesome built in features of remote desktop like multiple monitors, shared resources, printing, etc.
For more videos, check out my Channel Page / @jerryboutot and Subscribe! Thanks!
Find me here:
Website: jerryboutot.com/
RUclips: / jerryboutotofficial
Facebook: / jerryboutot
Twitter: / jerryboutot
LinkedIn: / jerryboutot
ReverbNation: www.reverbnati...
Amazon Music: www.amazon.com...
Instagram: / jerryboutot
TikTok: / jerryboutot
OnlyFans: onlyfans.com/j...
Patreon: www.patreon.co...
Twitch: / jboutot
#independentartist #music #newmusic #indiemusic #musicians #musicbiz #indieartist
It took me a very long time to get this video done, but I'm so glad I did! My previous two videos - How to set up remote desktop & How to secure remote desktop - were done on different operating systems and at different times. This time, I scripted and story-boarded the content, and produced the video with Closed Captioning and other best practices as defined by Camtasia and TubeBuddy. The thing to keep in mind is that this video is NOT a recommendation or endorsement to set up RDP port forwarding on your router, rather it's an exercise in answering the question: How can I access my home PC while I'm away without any special software. Try it out but please RDP responsibly :)
@@slishnevsky No way. That's a very bad idea to have an account with no password. FORCE them to use a long, strong password. It should be something they will never forget, but difficult to guess. Windows doesn't allow RDP into an account without a password, and when you follow my instructions, which basically come from Microsoft, in order to set up the security on the connection you have to have a strong password - at least 8 characters with numbers, letters and one capital letter I believe. Good luck!
@@slishnevsky You can have a password set on the account, and still have it boot up without asking for that password. Set and really good password, and then follow these instructions. www.isumsoft.com/windows-10/how-to-bypass-windows-10-password-and-automatically-login.html
Awesome Jerry. I used to secure my network via VPN but now I learned this, i guess I need to try it out. Keep on charging mate, thanks
I tried to do the same thing to make my network to go public but without changing the router settings and Microsoft Edge stopped working, my computer went offline Please help?
@@DanielBrosman08211986 Hi Danial - sorry I don't do consulting work for this type of thing, it's just a knowledge transfer video. The best advice I can give you is to try and undo the changes you made. Good luck.
you're a good man Jerry. I can now watch Netflix at the office
0:00 - intro
1:40 - external IP address of router - comments
3:00 - changing IP address to fixed - comments
3:20 - STEP 1 - enable Remote Access on each PC
4:10 - STEP 2 - enable access through Firewall
4:40 - STEP 3 - enable fixed IP address
7:20 - STEP 4 - router configuration Port Forwarding
10:00 - STEP 5 - connection test via remote PC
11:15 - STEP 6 - enable extra security from external
14:36 - STEP 7 - enable extra security from internal
16:50 - STEP 8 - connection test via network PC
18:30 - STEP 9 - connection test via remote PC
19:38 - STEP 10 - connection test via internet remote PC
21:40 - outro
Here's another security suggestion, in security policy's under account policies you can setup account lockout on invalid password attempts (i.e. 5 invalid logon attempts, lock user for 10 minutes). This should prevent RDP bruteforce attacks.
Jerry - I've used this video twice and it's just plain spot-on. Thank you so much for doing such a meticulous and clear set of instructions - AND explaining the "why" for each step. Truly appreciate you. I set up exactly as you showed here and it worked flawlessly for a year. The only thing I had in addition was DUO for 2FA. Then this weekend, a windows update came in and completely wiped out the connectivity to RDP. Tried everything to identify the problem. Stripped it all the way back to having to re-install windows10 and built it all back again - and it worked. So I got to enjoy another couple hours with your video. Thanks again for doing this wonderful instructional.
I know this is a year old but WOW this is the perfect tutorial video
Thanks so much for the excellent critique! Have an AWESOME Day!
EXTREMELY well explained, absolutely awesome. Thanks home slizzle
Thanks! I appreciate that! 😎
Let's appreciate the amount of work and care it took for Jerry to make this video. Clear, concise explanation. Thank you so much!
Thanks 👍
This is quite simply the best tutorial I have seen on any tech PC subject, and one of the best on any subject. Thank you so much for putting in all the effort!
Thanks so much Chris! I'm truly grateful for such a positive comment 😃
May be the best, but not so much "quite simple"
The best tutorial video ever on this subject. I have been attempting to remotely access my laptop from work for ages following the instructions given by a number of videos on RUclips, but in vain. Yours worked like magic because you know how to explain well, thumbs up.
I should be one of your followers from now on.
my regards
Well Thanks for that! I should be doing more videos, but work and life have a way of getting in the way. Comments like yours are a great motivator, though. Have an AWESOME Day 😀
Nice job. But let users know that some routers/gateways have a setting that blocks accessing it via its public IP, from inside the LAN. So best way to test access from the WAN side, would be to use a RDP client on your phone, with WiFi turned off. This would cause your phone to use its cellular connection which would be on the WAN side of your gateway.
Hi Calvin,
Thank you for the informative comment. I have been trying accessing my router using remote port forwarding; I also tried to access my computer using the same steps, but all in vain. Could you please direct me if there are some settings to be disabled/enabled?
This is the most completed instruction I have found for the windows RDP and best secure connection. Thank you!
Thanks for this! I'm over here trying to set up a whole Linux VPN server to do this, this seems a lot easier!
Wish i had seen this video before getting RDP setup by someone else. He did not explain the dangers of a weak password and was hit by a ransomware attack within a week of setting it up. Thankfully had backups for everything else could have been catastrophic.
Great tutorial. I'll setup the RDP server now on my own
By far the best tutorial for remote desktop on RUclips. Professional and accurate. Thank you and BRAVO.
Thanks! Happy Friday 👍
Jerry! I have been struggling to make RDP work for days with all this WFH set-up during lockdowns... that is till I came to this video of yours. Thanks a lot!
Finally, I found somebody who explains RDP in a very understandable way. great job Jerry, and thank you. I am going over your videos one by one. I am pretty sure I will find some new things to add my knowledge. Thank you again.
What a good man you are, Jerry! Thank you for a very thorough, detailed, yet not crowded tutorial. Everything is straight to the point without anything missing or misleading. I can only wonder how much time it took you to compile such a great video. Like and a sub. Cheers, mate.
It's truly astounding how easy the internet makes learning these days. Thanks for the tutorial, my guy.
This is the one (video) I always come back to whenever need to set one up.
Thanks!
Great video. By following below mentioned steps, one can remote desktop on Windows 10:
Make sure you have Windows 10 Pro. To check, go to Start > Settings > System > About and look for Edition. ...
When you're ready, select Start > Settings > System > Remote Desktop, and turn on Enable Remote Desktop.
Make note of the name of this PC under How to connect to this PC. You'll need this later.
Finally, someone does a video that is complete and accurate.
There are far too many videos on setting up RD within the same network, which is quite simple to do and connect, however, for a remote location/network, as this video demonstrates, there is considerably more to it.
Thank you kindly for sharing your time and knowledge.
This is probably the best explanation I have come across well done that man !
Most excellent! I have a space station for a home desktop, but my laptop's from the stone age. Now I can actually play games on it! I really appreciate all the steps you included for added security, very helpful!
Very nicely done! I had RDP setup already but it wasn't secure and I was getting alerts from Malwarebytes that 3389 was compromised. Thank you and I hope all is good now. You saved me a lot of pain if I got hacked!
This was great. This covered a lot more topics than other videos.
Best video I've seen for RDP. Thanks Jerry.
Thanks so much. I really appreciate it!
this was a 22 min video but a two hour job for me I thank you i have a clear understanding what rdp actually is wonderful video and i maybe watch about a good dozen yours was the best. I do not never leave comments but you deserved one.
Thanks!
One of the best tutorials I have seen on this subject. Ever
Thanks!
This is AWESOME, Jerry. Thank you for creating it.
Very good informative video. I will try this on the weekend
Absolutely amazing. Thank you so much! This is the only info out there on this somehow. Thank you so much! :D
That was incredible. Like watching LOTR for the first time. Your presentation was so good and it worked beautifully. Thank you, my man!
This was fantastic. Thanks for taking the time and care to compile from your previous learning experiences and including links to this in all the previous videos.
Thanks! I appreciate the positive feedback :)
Awesome Tutorial , thank you
As an additional level of security you could add a more specific rule on the remote router. The rule would be to allow to connection to the target network's router. Of course your router would need to be able to support the network rule, and you might need to change it unless you have a static IP from your provider or use ddns. Great video overall Jerry!
Very usefull tutorial!!! Congratulations!!!
THIS IS EXACTLY WHAT I NEEDED. Finally I can play my games on my potato laptop when I travel! THANK YOU.
12/10 would watch again
Thank you so much, this video was amazingly helpful and easy to follow. You explained everything that you were doing and also why. One of the best tutorials I've ever watched hands down.
Excellent tutorial thank you very much.
This was the MOST useful and MOST helpful video on setting up RDP for both Local and Remote access; this really helped me a LOT. 🙌
Thanks! I appreciate the positive feedback 😎 have an excellent day!
Great video, thanks again 🙌🏼
Thank you so much! I have been trying to figure out how this is done for over a year now and this taught me in less than an hour.
Great video! I was able to connect locally on another PC on the same network.. but was unable to connect from an external network... Followed everything to a tee.... Created an Inbound rule for the masked port number, and port forwarded on my Nighthawk router to same...
Massive thankyou, I missed one thing in the firewall which you explained and it works!
No problem! Glad it worked for you :)
NOW!! I understand Port Forwarding! Which, obviously, I did not before. Excellent explanation, it's a nice feeling to have the lightbulb of understanding come on. Honestly, as fast as you moved along, I understood and feel confident I can accomplish this and have security. Thank you. Go have a beer... I will! Oh yeah... subscribed.
this is a godly tutorial. thank you so much
Why thank you!
Thanks sir this is very useful to us.if we follow this steps do we need a virusgurd?
Thank you, this walkthrough was thorough, clear, and exactly what I was looking for. I really appreciate the work on this
thanks a lot !!!! this was the only tutorial that worked
This is an excellent video. The secret to knowledge transfer is clear and concise communication and this video is a classic example of this. Well done Jerry.
Thanks Mike I really appreciate your comment 😊
Great tutorial, Jerry! Thank you
You are amazing! I work on networks and understand everything you said! Great tutorial
Thanks!
You got a like, a subscriber and a buzzer on from an old guy. TNice tutorials is the best soft soft tutorial I've seen so far. You covered a lot of
This was an excellent tutorial. Thanks.
Wow, I know this video was produced a long time ago. but thank you. That was a lot of great information. I had to turn off the port to my router at work because my server was getting hit by so many attacks, trying to get in. I am going to try this out. Thank you.
Thanks! The video isn't really all that old, and all the info is relevant. However, if you are connecting to a work PC from home, you may want something even more secure. Check this TruGrid system out: ruclips.net/video/bN_44mLt1Sw/видео.html
Amazing tutorial, awesome job!!! I especially appreciate going through all the security measures and explaining them well so I feel comfortable setting them up. I have much more confidence this can be done with some level of security now.
awesome job man. I've always wanted to do this but didn't have all the information in one place. You made it happen, ty!
Glad I could help!
Thanks for the video. I was getting in 9,000 attacks per hour from 10 different countries using the default settings. At least I was smart enough to have a hard pass word. But my router was bogging down.
If you're looking for something totally secure that doesn't require a lot of manual setup, check this out: ruclips.net/video/bN_44mLt1Sw/видео.html 😃
Very Very Good tutorial, very very well explained.
Thanks Very Mutch Jerry Boutot, if I'v seen this video 3 months ago, may be I haved avoid a lot of problems.
God bless you.
You're very welcome!
Fantastic job, Jerry! This is the clearest tutorial I've seen on this subject. This is super helpful to home (or small business) users that can't afford premium subscriptions to TeamViewer and the likes (especially useful these days of remote working).
Also, thanks for recommending the tweaks on the RDS group policy settings (and changing the default RDP port). They should be the default on any Windows installation IMO.
Not sure if you've already made a video on it, but a more secure alternative (although slightly less convenient) would be to setup OpenVPN on the router of the "home PC" (PC you are connecting to), which now days is supported on lots of modern routers (ASUS, Linksys, etc.), and then run the free OpenVPN client software on the "remote PC" (PC you are connecting from). With this option you can use other remote desktop software besides Windows' built-in RDC (i.e. use TeamViewer's LAN connection mode and just use your public WAN IP to connect). This also gives access to some other perks that come with being on the same (virtual private) network.
Thanks for the positive feedback. This video came into being just because I was trying to figure out how to do this without paying for software. I researched it and made the video using articles available for free in the Microsoft Knowledgebase. VPN is another story altogether, and as an IT Professional with responsibilities that involve cybersecurity, we recognize VPN as a vulnerability, so we don't use it. Nowadays we use a very inexpensive zero trust Remote Desktop solution from trugrid.com. It's great and I recommend it highly if you can afford $12 per month for 1 user and 10 computers. For business, the minimum is $15 per month and 20 users so $300 per month, but it's very secure. Check it out. And thanks again!
Great video man, thanks!
awesome video, extremely well explained. Thank you very much Jerry for putting down all that effort.
For those who follow the steps and still cannot get RDP to work, you may have chosen Public when first connecting your PC to your home network. Navigate to Settings > Network & Internet. Select Properties on the network interface you are using. Set it to Private, then try to RDP again. Hopefully my 1 hour of pain will be your benefit. Cheers!
THANK YOU! I got absolutely nowhere with Microsoft support. I have windows 11 and was able to follow along and get connected from my macbook!
Thank you for such nice expaination. Normally I work with VMware and RDP to VM's over VPN, but never did it secure and over the public internet. Someday I will try it out just for myself :)
Awesome job!
Thank you for explaining the whys' to the hows'; I'm new to all networking and can often follow tutorials, but the context is often not explained and thus can't be translated to other needs for networking. Thank you for your time!
I agree with you. It's not enough to have background music playing to a sped-up screen capture session. So many how-to's are done that way, because it's a lot easier than the time it takes to do a reasonably thorough job of teaching something technical. This took me somewhere in the neighborhood of 10 hours to do a 22 minute video. So I absolutely thank you for your positive feedback 😎
Thanks, so clear and thorough!
Thanks. Gonna give it a try. I suppose I could leave the local computer DCHP and just check the IPv4 from time to time.
Most routers come with a dynamic DNS partner. Set up a free account with NoIP and access your home PC with a friendly name like yourpc.noip.com or something like that. They take care of managing the changes on your ISP if they change your IP address.
This was just awesome! Thanks a lot!
Thank you Jerry for your walk through, it was explained well. I was able to connect when inside network but cannot connect outside the network.
Hi! If you're looking for something totally secure that doesn't require a lot of manual setup, check this out: ruclips.net/video/bN_44mLt1Sw/видео.html 😃
Easily the best guide out there, thank you sir!!
Wow man, you are awesome!!
I always got stumped by the ‘gateway’ text box, I thought that was where the outward facing IP was meant to go
wow excellent video, surprised so few views. I believe "port forwarding" may be labeled as "virtual server" on the router settings page as well.
Hi! Thanks for the comment. The reason it has so few views is it's so new. The previous version was done with Windows 7 and didn't cover securing the connection. That video has almost 800,000 views. Happy Holidays!
Thank you Jerry !!!!!
Excellent job! Many thanks.
Dude! GREAT instructional video. You know stuff! I haven't touched a Windows PC in a long time but you walked me through this procedure perfectly.
One note: the latest Windows 10 Pro appears to have the 128 encryption setting inside the Remote Desktop "Make my PC discoverable..." settings, rather than in that security folder which I couldn't find in the tree. Encryption seems to be on by default. Thanks again.
Thanks!
I think you may have been looking under "user configuration" instead of "computer configuration" in the Policy editor. I initially made the same error.
There does seem to be an option for 128-bit encryption where you are describing, but there aren't options for the other changes he makes in the security policy editor that I can see.
Need a little help please. I have the exact same Netgear router. The problem is that the computer's IP (5:18) changes fairly often. When I went through this tutorial, the IP ended with 14 (YT blocks this comment if I post an actual IP), then a couple days later it was automatically changed to end with 8 (or something different). So everything works great for about a day and then the address changes. How do I make it static? Thank you
Hi Jeff, the video shows you how to set a static IP using the PC. On the router, you'll want to look for IP Reservation or Address Reservation or something like that. There you will tell the router to always give MAC Address xxx the IP nnn.nnn.nnn.nnn
AWESOME tutorial !!! 2 questions:
1- Shouldn't you have also talked about SSH tunneling that is more secure than port forwarding ? unless all your tweaking renders SSH tunneling unwarranted !?
2- One important thing to set up up front is this is for remote CONTROLLING a pc and NOT remote ASSIST another user for the remote connection opens a new session in the remote pc parallel to the session the user is actually in so he won't see neither interact with the connection initiator (as I understand things).
Great points. On point #1, there are many different ways to accomplish RDP this is just one example. On point #2, if viewers don't know the difference between Remote Assistance and Remote Desktop, they shouldn't be playing in this sandbox, right? Anyway, If you're looking for something totally secure that doesn't require a lot of manual setup, check this out: ruclips.net/video/bN_44mLt1Sw/видео.html 😃
I was looking for this exactly, saved me a bunch of time and troubleshooting, very much appreciate the time and effort you put into this video!
You're welcome :) Stay safe!
Very thorough and clear, thank you!
Glad it was helpful!
what if i case where the router IP is not static /dedicated? how do I go about it?
Your router should have a setting for dyndns.com or noip.com. If there's no dynamic dns options, then you can still get dynamic dns and install a small app on one of your PC's that reports the public IP address to your dynamic dns provider.
Very well written and very thought out!
Thank you. Concise and to the point
Thanks!
This is excellent! You are the best.
Thanks!!
What a damn good video. Succinct and clear. Thank you.
I would suggest that viewers should first set a system restore point in case things go South and need to start all over.
You earned my sub..huge respect..as a software developer i find this very useful..thank you such..i have one question..will the target pc logout if i log in from remote pc via internet...will both of us be able to use the pc at the same time
No, you would be causing the other person at the target PC to get a lock screen. If you need to take over someone's PC while they're watching and can contribute, I just use Zoom or Teams meetings and take control. Other than that for remote support I just use SplashTop.
thank you for sharing this with us!!!
Wow. Youre the best ! Thanks a lot !
Best explanation by far for us totally new to the software, thanks for your ti man, really looking forward to learning how to make so
PARAMOUNT TUTO ! KUDO !!! Three questions :
1- The purpose of setting a *port forwarding* is to teach the router which machine inside the LAN to forward the remote WAN request to, BUT... if we have only one machine in the LAN, isn't port forwarding setting unwarranted since there is no choice dilemma for the router to route the WAN request to (there is only one machine in the LAN) ?
2- In the firewall rules settings, will checking ONLY *Private* for RDC permission prevent *any Public* (WAN) access from outside your local network (LAN) thus... blocking any remote access from Internet (WAN) ?
3- In Windows *Remote settings*, adding specific users in the 'white access list', you add what ? their IP address ? their user name ? their machine name ?
Thanks! To answer your questions:
1 - The router doesn't know that "one PC's" IP address. You still have to tell it what PC to forward the requests to.
2 - Firewall Rules settings are for the "Network Type" you select in your Network and Internet Settings. If you open the settings and click "Change connection properties", you can select if the connection properties are Public, or Private. Those firewall settings relate to this. If your network is Public, RDP will be blocked. The PC on your LAN should be set to Private when it's in the LAN. If it's a laptop and you go to somewhere else, you'll make a new connection - probably wireless, maybe public wifi - and THOSE connections should be set to Public to lock down the firewall settings and other sharing settings. So this firewall setting says "Do I allow RDP on Public, Private, or Both"
3 - Adding users, they have to be already local users on the PC or domain users if the PC is on a domain. From the outside world, you just use .\username if it's a local PC user, and domain\username if it's a domain user in order to connect.
Hope this helps! If you're looking for something totally secure that doesn't require a lot of manual setup, check this out: ruclips.net/video/bN_44mLt1Sw/видео.html 😃
@@jerryboutot Many thanks...
Awesome Video tutorial Jerry - I found it very interesting ..
Thanks 😃
EXCELLENTLY explained! My router does not allow for obscuring the ports ie. no external or internal port separation is there a way to make this happen in the same line of the port forwarding setting?
Hi! I'm not sure what you mean. Your Port Forwarding doesn't provide for 2 port numbers or ranges? You should have the ability to create a port forward, define the incoming port, and forward it to a different port.
Excellent tutorial, great video capture, easy to follow step by step instructions :) :)
Glad it was helpful! Thanks!
Can I suggest that on the local machine you suspend the login account after several failed login attempts for a set duration? This would help prevent a bruteforce attack on your account. You can do this in your policies
This is gold. Thanks.
Jerry, That was a very good video, very informative.
Thanks 👍
well done jerry, good work and thanks.
Thank you kindly