Lab server

nuglobenuglobe Member Posts: 190
I got a server from work, and was able to install windows 2003 on it. Tomorrow I will be taking it back and placing it in a cabinet (I work at a data center). I think I have it set up correctly so that I can connect from home and do all my exercises but I was wondering if someone could give me a list of things to double check so that I don't get home tomorrow and am unable to connect in.

GenshiroGuide: My blog about things I found useful. Now with videos. :)


  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Your corporate firewall? Will you connect via VPN (and if so what kind - IPSec/PPTP, etc.) or simply RDP?

    Do you need port forwarding on your corporate firewall/router or are you connecting directly to a public IP (hard coded hopefully vs dynamic) on the server?

    Finally, if this server is on your corporate network be careful what services you enable so they don't disrupt your production LAN.
    All things are possible, only believe.
  • nuglobenuglobe Member Posts: 190
    I work at a datacenter, so I get my own public IP drop which goes straight to the telco. The firewall is a netscreen they gave me that I have set up pretty basic at this point.
    GenshiroGuide: My blog about things I found useful. Now with videos. :)
  • EverlifeEverlife Member Posts: 253 ■■■□□□□□□□
    If you're going in just using RDP, then do the following...

    1) Ensure port 3389 is open on your firewall and forwarded if necessary
    2) Ensure Remote Desktop is enabled on your server
    3) Either log in as Administrator, or create another user and add it to the Remote Desktop Users group. If you're planning on using another user account, and you are logging into a domain controller, ensure you allow the Remote Desktop Users group the user right to Log on through terminal services. By default a domain controller will only allow the Administrator to log on.

    If it's a default install, that should cover it. If I'm missing anything or am off on anything, I'm sure one of the super gurus will cover it. =)
  • taktsoitaktsoi Member Posts: 224

    Don't just ever forward 3389 for remote desktop. If you got hacked, thats' it. You be a goner. Port forwarding is never secured as data is not encrypted. So what I suggest is that some ENCRYPTIONs must be done for you to logon using remote desktop.

    My setup is setting a VPN (PPTP or IPSEC) on your firewall. Create firewall polices for only that 3389 port to your server only. ex. wan -any > LAN port 3389.

    Once you have that setup, you initialize the PPTP or IPSEC vpn connection to the firewall. Once it is initialized, you have a VPN tunnelling. So you can initialize the remote desktop connection using your server's LAN ip address.

    This setup would be more secured than a plain of 3389 port forwarding.

    just my 2 cents.
    mean people SUCK !!! BACK OFF !!!
    The Next Stop is, MCSE 2003 and CCNA.
    Bachelors of Technology in 1 More Year.

    -Working on CCENT. Thank you my love <3
  • nuglobenuglobe Member Posts: 190
    Thanks for the input. It actually isn't up. I actually put the firewall up and it froze up some of the ports on the switch... bringing down 13 paying clients. The guy above me said it couldnt have been that but it only happens when I put the firewall up. Anyway thanks. icon_cool.gif
    GenshiroGuide: My blog about things I found useful. Now with videos. :)
Sign In or Register to comment.