Can you RDP into multiple machines in the same router from the internet with all machines using default RDP port 3389?

0

Basically, my work has all unnecessary outgoing ports blocked. 3389 (default RDP) port is not blocked. So changing the default RDP port to like 3390, 3391, etc. is not an option. I have a couple of virtual machines set up at home, all running different OS. Currently, I RDP into the one machine where I've kept the default RDP port, and then RDP into other machines from that.

I want to know if there is a way for all machines in a network to be on default RDP port 3389 and if one can still RDP into each machine from the internet.

Again, these are not real workstations, these are VMs running in VirtualBox. I don't use port forwarding right now and have all interfaces set to Bridged mode making these VMs retrieve IP addresses directly from the router.

Please advise.

DivZ

Posted 2018-07-11T07:48:52.323

Reputation: 21

What you want is the RDP equivalent of the concept of an HTTP reverse proxy. This can be done with Remote Desktop Gateway, but requires Windows Server and listens on 443 (by default). – Bob – 2018-07-11T08:53:31.527

Answers

0

No, this cannot work.

First you would need access to your work router in order to set up port forwarding, or be allowed to use UPnP to forward the internet facing port to your machine. Whether or not your network is set up to allow this is another question entirely and is something only your IT support can answer. I would expect the answer to be either "No." or "Why exactly do you need this?"

Ports cannot be forwarded to multiple machines, and it is not a matter of "this port should just be forwarded to every machine indiscriminately". That is not how networking works and while you as a person can imagine saying "I want to blast a request out at a whole load of places and just pick the one response that I actually care about at that particular moment" it is actually incredibly difficult to do and manage in software.

You are essentially wanting to have the internet facing port broadcast everything as multicast to every machine, but somehow only work as a unicast machine-to-machine connection. Not only is this impossible, it is potentially a security risk if a bug is found in the program that could allow someone to simultaneously infect every machine on a network instead of just one of them.

If you actually need to do this then you should have a single machine that you connect to within the network and then bounce out via that machine's local network to the other machines that you want to use.

Mokubai

Posted 2018-07-11T07:48:52.323

Reputation: 64 434

Right, I knew this was most likely not possible on a regular network (and extremely unsafe) but just heard there were workarounds using VirtualBox port forwarding. Anyways, thanks loads for the response. – DivZ – 2018-07-12T11:11:45.490
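
The reverse-proxy comparison in Bob's comment and the port-forwarding point in the answer both come down to what each device can see of a connection. As an added example (not from the original posts; all addresses, hostnames and function names are constructed), this Python model contrasts a NAT port-forward lookup, which has only the destination port to go on, with a reverse proxy's lookup on a name carried inside the request.

```python
from typing import NamedTuple, Optional, Tuple

Endpoint = Tuple[str, int]

class Flow(NamedTuple):
    """All a NAT router sees of an inbound connection (layer 3/4 only)."""
    src_ip: str
    src_port: int
    dst_port: int  # port on the router's single public address

def add_forward(rules: dict, public_port: int, target: Endpoint) -> None:
    """Add a port-forward rule; a public port can map to one endpoint only."""
    if public_port in rules:
        raise ValueError(f"port {public_port} already forwarded to {rules[public_port]}")
    rules[public_port] = target

def dnat_target(rules: dict, flow: Flow) -> Optional[Endpoint]:
    """The router's choice of internal host depends on dst_port alone."""
    return rules.get(flow.dst_port)

def http_host(request: bytes) -> Optional[str]:
    """Read the Host header from a raw HTTP/1.1 request head."""
    head = request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            return value.strip().lower().split(":")[0]  # drop any :port
    return None

def proxy_target(vhosts: dict, request: bytes) -> Optional[Endpoint]:
    """A reverse proxy picks the backend from a name inside the request."""
    return vhosts.get(http_host(request))

# Constructed sample data (documentation/private addresses, .test hostnames).
RULES: dict = {}
add_forward(RULES, 3389, ("192.168.1.10", 3389))
VHOSTS = {"vm1.home.test": ("192.168.1.10", 80),
          "vm2.home.test": ("192.168.1.11", 80)}

if __name__ == "__main__":
    # Two RDP clients hit public port 3389: both land on the same VM.
    for src in ("203.0.113.5", "198.51.100.7"):
        print(src, "->", dnat_target(RULES, Flow(src, 50000, 3389)))
    # Two HTTP requests hit one port but name different hosts.
    for host in (b"vm1.home.test", b"vm2.home.test"):
        req = b"GET / HTTP/1.1\r\nHost: " + host + b"\r\n\r\n"
        print(host.decode(), "->", proxy_target(VHOSTS, req))
```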