How to set up Windows Remote Desktop. Remote Desktop Connection

Good afternoon Dear readers and guests of one of the largest IT blogs in Russia, Pyatilistnik.org. Last time we figured out the reasons for the appearance of a black screen in Windows 10 and other editions of the system. Today I want to write you a post about RDP technology, namely, we’ll talk about Windows Remote Desktop , we’ll look at methods of how to connect to it, which clients are best to use, who have what advantages and conveniences. I am sure that this information will be useful to everyone.

What is Remote Desktop

Now in the world of mobility and remote work, a very large number of people in large cities and in many developed countries prefer to physically spend less time in the office, spending at least 2 hours a day on the road and replacing this scheme with remote work. Remote work involves not only having email, but also possibly connecting to a corporate workplace.

Remote desktop is a technology for providing remote access via RDP to a server or computer, as if the user were working on it locally (as if he were working on his own computer). The implementation of this technology involves several options:

  • Terminal Table Service in older versions of Windows Server 2008 R2, users log into remote servers where they work with the programs they are familiar with.
  • RDS farms - began to appear starting with Windows Server 2012 R2, users log into remote servers, where they work with the programs they are familiar with.
  • Just enable remote desktop on a Windows computer, but you will need either a public IP address or configure port forwarding to the desired server.
  • Working with RemoteApp are specially prepared applications that are essentially executed on a remote server in a remote desktop session
  • Internet services that allow you to make an RDP connection to a remote computer through a browser or mobile application, even behind NAT, for example Getscreen.me.

It doesn’t matter how your company’s connection to a remote server or computer is configured, in this article we’ll talk about the tools that allow you to do this.

Static IP address. What is needed for remote access via rdp

One of the important points regarding setting up and subsequently using a remote desktop is the need for a static IP address on the remote computer. If you are setting up a remote desktop that will only be used within the local network, then there is no problem. However, remote desktop is mainly used for external access. Most providers provide subscribers with dynamic IP addresses and this is quite enough for normal Internet use. Static (“white”) IPs are usually provided for an additional fee.

So, to access the remote desktop you need a static IP address on the computer to which we will connect. We will clarify this issue with the provider. Of course, if there is no way to obtain a “white” IP address from an Internet company, there are alternative ways to obtain it. For example, you can use the LogMeIn Hamachi program.

Setting up a remote desktop connection

Before we look at all the variety of methods and clients for connecting via the RDP protocol, I would like to show you the minimum you must do to enable this functionality on a remote server. I remind you that you must have the function enabled to allow connections on port 3389 . There are a number of activation methods for this. For example, in Windows 10, you can open “Windows Settings” (by simultaneously pressing the Windows key + I), where we find the “System” item.

We find the “Remote Desktop” section there, where you can see a switch that enables this function “ Enable Remote Desktop ”.

Confirm that RDP is enabled.

After which you will automatically have a rule created in the Windows Firewall and you will be able to connect to the remote desktop from any device that has the required client.

The universal method to enable RDP on any version of Windows is that you open the Run window and enter:

sysdm.cpl

Go to the “Remote Desk” tab and activate the “Allow remote connection to this computer” section.

By the way, I recently told you how to remotely enable an RDP connection, I advise you to read

At this point, setting up a remote desktop is not yet complete in a minimal sense, since you need to provide connection rights; by default, they have two groups:

  • Local group Administrators
  • Local group "Remote Desktop Users"

The easiest way to find these groups and bring them into the form you need is in the Computer Management snap-in; to do this, enter compmgmt.msc in the Run window, then go to the Local Users and Groups section.

Next, click the “Add” button and fill the group.

If we are talking about a more complex infrastructure of terminal tables and RDS farms, then the settings are more complex, you can read about them on my blog. Now that you have made all the minimal settings for the remote connection, you can test and select an RDP client.

If you are connecting to a server using Windows OS

Press the Win+R key combination and in the window that opens, type mstsc.exe and click “OK”.

In the window that opens, specify the VDS IP address and click the “Connect” button.

Then enter the username and password from the instructions and click “OK”.

When connecting to the server, the application will show a notification about an untrusted certificate.

The notification indicates that the server is encrypting the transmitted data with a self-signed SSL certificate.

Oh and click Yes.

The server desktop will open in a new window.

Connecting to a remote desktop with the built-in client

I will connect to my Windows Server 2022 server with the DNS name SVT2019S01 . First, I'll ping it and check that it's available.

It is logical to assume that Microsoft made sure that the user did not have to look for third-party applications to work with remote connections, and it built its client into Windows.

MSTSC (Microsoft Terminal System Console ) - This is a built-in client that I have already become friends with since Windows XP. Opening it is very simple, the simplest and most universal method. Open the Run window and type mstsc, then press Enter.

As a result, the Remote Desktop Connection client window will open.

By the way, you can also open mstsc /admin in administrator mode, I cited the case of connecting to a specific terminal host located in the RDS farm

The second simple method to find an RDP client is to search the system. Click the magnifying glass icon and also enter mstsc, you noticed that I write in English, I do this on purpose, since this abbreviation will open in any localization, but no one is stopping you from typing “Remote Desktop Connection”.

The third method for launching the built-in RDP client is from the command line or powerShell, where you just need to enter:

mstsc

Well the fourth method is to use the “Start” menu, where in standard Windows utilities you will also find the “Remote Desktop Connection” shortcut.

Network settings, port forwarding

As mentioned above, to access the remote desktop you need a static IP address.

If you do not have any routers and the Internet cable goes directly to the computer, then skip this section and move on to the next one. If you use a router, you need to make additional settings on it.

If you plan to use the remote desktop only on a local network, then it will be enough to just assign a local IP to the desired computer (follow the first part of the instructions, without forwarding ports). If you need access from outside, then you also need to do port forwarding. To open access to the remote desktop you need to forward TCP port 3389.

Basic settings of the built-in RDP client in Windows

Before we connect to the Windows Remote Desktop, I would like to show you some settings that will be useful to you. In the mstsc client, click the Show Options .

As a result, you will have a huge number of settings for different scenarios. General tab will allow you to set:

  • Computer field - allows you to specify the server or computer to which the connection will be made, in my example, this is SVT2019S01
  • The “User” field will require you to provide information about the account on behalf of which the connection will be made. If the user is a domain user, then you can use two constructions Domain\username or [email protected] In my example, my domain root.pyatilistnik.org will be look like this: root\sem. If you connect frequently, you can speed up the process by checking the “ Allow me to save credentials ” checkbox so you don’t have to enter a password.
  • Connection settings - will allow you to save the connection with these settings as a separate file; to do this, click “Save as”.

Give the rdp file a name and save it in the desired location.

I have a file saved on my desktop, by the way, you can also open it with a regular notepad to be able to see its settings; if you click the “ Edit ” button, a graphic editor will open.

Let's look at the rest of the settings that may be useful to you. Go to the “Screen” tab, here you can set:

  • Display settings - allows you to set the required screen resolution of the remote desktop; in most cases, the standard “Full Screen” value is suitable.
  • Color depth - sets how much of the color palette will be involved in transmitting the image during the session; if you have a weak network connection, you can reduce the quality, thereby increasing the response speed

The “ Local Resources ” tab will help you decide which devices and their functions need to be transferred to the remote desktop:

  • Remote desktop sound - in the settings you can set whether you want to play sound there and have the ability to record

  • Keyboard - Sets how keyboard shortcuts should be passed to your remote session.

  • Local devices and resources - here you specify which devices with you will be redirected to the remote session, so for example, you can select printers, which will allow you to print to your local printer via a remote desktop, the same with the clipboard or USB devices, external drives .

Interaction tab will help you save network traffic by setting how fast your connection is and what visual effects you need to transmit, for example, you don’t need a desktop background and font smoothing, here you can easily turn it off.

A very useful function is to restore the connection when it is disconnected; here, within 30 seconds, the mstsc client will try to restore the connection to your session. The last tab is “Advanced”, here you set the behavior for displaying warnings with an SSL certificate on your remote desktop connection. The choice will be:

  • Connect without warning is the least secure option, any self-signed and expired certificates will be accepted without notifications or alerts, can be used in test environments.
  • Warn is the most correct option, allowing you to connect, but with mandatory notification

  • Do not connect - here, if you do not trust the certificate of the server or computer, then the connection to the Windows remote desktop will be blocked immediately.

Well, after all the RDP client settings, we try to connect to the Windows remote desktop. You will be prompted to enter a password; if you wish, you can save it for future connections.

As a result, I calmly connected to my Windows Server 2019 server. At the top you will have a tab reminding you that you are connected via RDP, to get to your local computer you need to click the minimize button in the form of a dash. I would like to note that by clicking the cross you will simply close this window, but your session will continue to work. To log out correctly you need to log off , through the start, selecting the “ Exit ” item.

If you receive the error “An authentication error occurred. The specified function is not supported. Remote computer name. The cause of the error may be a fix for CredSSP encryption,” then you can see the link to see how it can be solved

Enable remote connections on your router

If you require remote access to your device over the Internet , in addition to configuring system properties, you will need to configure your local router to allow remote connections. Additionally, you need to know your public IP address in order to contact a remote computer over the Internet.

Setting up a static IP address in Windows 10

Typically, computers on a private network are assigned dynamic IP addresses, meaning they can change at any time. If you'll be using Remote Desktop regularly, it's a good idea to set up a static IP address on your computer so you don't have to reconfigure the port forwarding settings on your router every time the device gets a new address.

To set a permanent IP address for your computer, follow these steps:

  1. Open Control Panel .
  2. Go to the Network and Internet .
  3. Click on Network and Sharing Center.
  4. Click the Change adapter settings link in the left pane.

  5. Right-click the adapter connected to your network and select the Properties option.
  6. Select component IP version 4 (TCP/IPv4).

  7. Click Properties.
  8. On the General tab, select the Use the following IP address .
  9. Specify a valid local IP address outside the local DHCP scope to prevent address conflicts. For example, 10.1.2.
    You will find this information in the DHCP settings section of your router. Routers usually have different interfaces, which means you'll need to check the manufacturer's website for more details. If you are not sure which configuration you need to use, you can use the current TCP/IP configuration as a reference, which you can find using the ipconfig /all command at the command prompt.
  10. Specify the subnet mask for the network. On most home networks, the subnet mask is 255.255.255.0
  11. Specify the default gateway address, which is the IP address of the router. For example, 10.1.2.1

  12. In the "Use the following DNS server addresses" section, in the "Preferred DNS server" field, enter the IP address of your DNS server, which in most cases is the IP address of your router.
    If you can't connect to the Internet, try using the Yandex public DNS addresses 77.88.8.8 and 77.88.8.1 for "Preferred DNS Server" and "Alternate DNS Server", respectively.
  13. Click OK → Close.

After completing these steps, the new network configuration will be applied and the IP settings will not change over time.

Determine public IP address

When you try to access a computer over the Internet, you also need to know the public IP address of the network the device is on.

To find your connection's IP address assigned by your Internet Service Provider (ISP), follow these steps:

  1. Open any web browser.
  2. Go to Yandex.
  3. Search for "My IP".
  4. You will see your public IP address in the first result.

Typically, ISPs offer dynamic public IP addresses for residential consumers, which means that your public IP address may change from time to time.

If you need a more robust solution, there are services that offer Dynamic Domain Name System (DDNS) services such as No-IP and DynDNS, which can track changes to your public IP address. Alternatively, you can contact your ISP to obtain a static IP address (usually) for an additional fee.

Direct port on the router

As part of the remote access setup process, you must redirect TCP port 3389 on your router to allow remote connections over the Internet to a computer on your local network.

The settings available on your router vary widely depending on the model and brand. However, you can use the following steps as a reference guide for setting up your router. If you need more specific information, you will need to visit the manufacturer's support website.

To forward a port on your router, follow these steps:

  1. Open a command prompt.
  2. Type the following command to view the current TCP/IP configuration and press Enter: ipconfig
  3. In the IPv4 Address field you will see the device address. For example, 10.1.2.
  4. The Default Gateway field will contain the device's gateway address, which is the address of the router. For example, 10.1.2.1
  5. Open your web browser.
  6. Enter the router's IP address (default gateway) in the address bar and press Enter.
  7. Login to the router using the correct username and password.
    If you've never done this and are using an ISP device, your login and password can be found on a sticker attached to your router/modem.
  8. Find your port forwarding .
  9. Make sure that the port forwarding is enabled (if applicable).
  10. Below the port forwarding list, click (in this case) the button Add profile.

  11. Create a new port:
    • Service Name: Provide a reference name for the service. For example, OfficePC (optional)
    • Protocol: TCP

  12. External port: 3389.
  13. Internal port: 3389.
  14. Internal IP Address: Enter the IP address of the computer you are connecting to. For example, 10.1.2.201
  15. Click OK.

Once you complete these steps, the settings will be saved and the port will open, allowing you to connect to a remote desktop over the Internet.

Remote access to a computer via a browser at Getscreen.me

While quarantine and a pandemic are raging all over the world, a huge number of people are sitting and working from home, Internet providers are experiencing enormous loads on their channels, and system administrators around the world are racking their brains about where to get the resources to implement remote connection of staff to their workplaces. everyone has enough servers, licenses and competence to set up. Online services come to the rescue in this situation, allowing you to implement an RDP session on your server or computer in a couple of minutes. I’ll give an example of one of dozens of such sites, it’s called Getscreen.me .

Getscreen.me is a cloud-based solution for managing remote computers, servers, and even entire offices and enterprises. This service has a whole bunch of advantages:

  • Connecting to a remote computer using a link from a browser
  • Connecting from a browser without the need to install a client (For a one-time connection to a remote computer, installation of an agent is not required. Installation is required only for permanent access.)
  • NAT bypass and independence from dedicated IP addresses
  • No problems with versioning
  • Ease of integration through the use of web technologies
  • You can access devices running Windows, macOs, Linux operating systems, with access to mobile devices in the near future
  • Strong encryption based on one-time AES keys and elliptic curves
  • No intermediate servers
  • NAT Traversal . There is no need to have static, dedicated IP addresses. The connection is established using WebRTC technology
  • Simplicity and speed of implementation
  • Does not require firewall settings, since https 443 ports are used
  • Unified control center - Manage your office or enterprise from your personal account at any time
  • There is a logging system that saves connection history
  • You can monitor servers by performance, disk space, traffic volume
  • You can share access to your computers with or without a time limit
  • Transfer files in both directions
  • Convenient work with multiple monitors. Switch between monitors with one click
  • There is a built-in chat with a remote computer

To try the Getscreen.me service you need to follow the link https://Getscreen.me

It’s convenient that here you can immediately see a demo stand to evaluate how it will look in practice. If everything suits you, then we go through a simple registration. You provide a valid email address to which your password for your personal account will be sent.

As a result, you will be taken to your personal management account. Here you can monitor your servers and computers through agents, as well as view active sessions.

Download and install the agent on the computer or server where you plan to connect remotely via RDP; at the time of writing, Windows and MacOS platforms are available.

Next, you copy it to the desired device and launch it. You can immediately notice that it is possible to connect via RDP using a link or QR code without installation. Before installation, I recommend that you go to the “Sign in” tab and log in.

We indicate the login and password received during registration, this will connect your agent with your account.

If everything is entered correctly, you will see the status “You signed in as”

On the “Settings” tab you can set autorun and media settings.

In your personal account, you will see the new agent, its status and the ability to quickly connect.

We are trying to make an RDP connection through a browser. As a result, you will have a new tab open with a help panel at the top, note that it is easy to collapse. Here you have buttons:

  • Enable/Disable sound from agent desktop
  • Enable/Disable Microphone from Agent Desktop
  • Hide/Show chat window

Managing the clipboard on the agent.

Two-way file sharing.

A list of hotkeys is presented that can be sent through the browser with a simple click of the mouse.

As you can see, this cross-platform solution for remotely connecting to a computer and controlling it from any device, using a browser is simply great and outrageously simple

In the settings of each agent, you can select the method through which you can provide access to other users to RDP connect to your server through a browser.

Here you either give access to another registered user of the Getscreen.me service.

Or share access using a link and password.

All active sessions will be displayed in the corresponding section.

As you can see, it is also very simple, and control is available from anywhere in the world, through any device with a browser. All the settings took me less than 10 minutes, no knowledge of firewall management, NAT and much more was required, as they say, everything ingenious is simple. I advise you to try the Getscreen.me service, I recommend it from my own experience.

For most people, the service will be absolutely free and there will be a small limit on two agents and the time of a continuous session, then a new one will be opened without any problems. For small organizations it is quite possible to allocate.

MacOS

To gain remote access from MacOS, you will need to install the free Microsoft Remote Desktop in the App Store.

Launch the installed application and click the “Add PC” button.

Next you need to fill in the data.

In the “PC name” field, enter the domain that leads to the server, or the server’s IP address.

There are two items in the “User account” drop-down list:

  1. Ask when required — ask for a password when connecting. Select this item if you want to enter your login and password each time you make subsequent connections to access the server.
  2. Add user account — create a user to connect. Select this item to save your login information and not enter it in the future.

Click Add. After this, you will see the created connection in the application. Double click on it to connect to the server via RDP.

The first time you connect, you will receive a notification about an unverified certificate. The fact is that the connection is protected by a certificate certified by the server itself, and not by a certification authority. To prevent the notification from appearing in the future, click Show certificate and check the Always trust box. Apply the changes by clicking Continue.

Connection errors

Even if you did everything according to our instructions, something may still interfere with the connection. Here are the most popular problems:

Firewall

Although Windows should automatically make changes to the firewall after changing network settings, sometimes this does not happen. That's why:

  1. Open your firewall (you can find it in the Start menu search bar).
  2. Click on "Allow this program to run...".
  3. In the list, find and check the boxes for the Remote Desktop program for both local and public connections, and then save the changes.

If your firewall is not from Microsoft, then it is better to find out how to configure permissions from the software developer.

Remote connection port

The ISP may be blocking the port for which we created the forwarding. To eliminate this problem, you need to contact support.

PC name

When you enter a PC name, it is better to use the IP address rather than the name of the computer itself.

Rating
( 2 ratings, average 4.5 out of 5 )
Did you like the article? Share with friends:
For any suggestions regarding the site: [email protected]
Для любых предложений по сайту: [email protected]