Let's look at an example of Keenetic router configuration for remote connection to a computer in the local network via RDP (Remote Desktop Protocol). The Remote Desktop Network Protocol is used to provide a user with remote access to the computer (server) where remote connection to the desktop is allowed. In the Windows OS, the Remote Desktop application is a part of the operating system.
NOTE: Important! Desktop versions of Windows 7/8/10 have license restrictions:
1. Only Windows 7/8/10 Pro, Windows 7 Ultimate, and Windows 7/8/10 Enterprise can accept the remote connection to a computer via RDP. Starter and Home versions do not offer this option. Owners of these systems will connect from their computers to others via RDP, but they cannot accept a connection via a remote desktop.
2. Only one user is allowed to connect to the remote desktop (one session).
Clients for connection via RDP protocol exist for almost all versions of Windows, Linux, Mac OS X, iOS, Android operating systems. By default, TCP 3389 is used for RDP protocol work.
Configuration of a Keenetic router to establish a remote RDP connection to a computer on the local network will vary depending on what IP address the router uses to access the Internet — public or private. Please refer to the article What is the difference between a public and private IP address?. From this article, you will learn how to determine for yourself whether your IP address is public or private.
Public IP address
With a public IP address on the router for Internet access, you can connect directly to any computer in your home network. To do this, you need to register the computer on your local network via the Keenetic web interface, assign a permanent IP address to your computer, and on the Forwarding page, create a rule to forward TCP port 3389 to this computer.
The value of the 'Input' field must be specified correctly. In this field, you should choose the connection or interface through which Keenetic accesses the Internet. In most cases, you should select the 'Provider' interface. If you have an Internet connection via PPPoE, PPTP or L2TP, you should select the appropriate connection. If you connect to the Internet via a 3G/4G USB modem, you should specify this connection. When connecting via WISP, select the connection with the network name to which your Keenetic is connected.
In the 'Output' field, select the device, connection or interface to which incoming traffic will be forwarded (in our example, it is the 'idea-PC' computer registered in the home network). You can select 'Other device' and specify the IP address in the' Output' field.
In the 'Protocol' field, specify a protocol from the list used for port forwarding (in our example, it is TCP/3389).
NOTE: Important! There is no need to make additional firewall configuration because when using a forwarding rule, the router will open access to the specified port by itself.
Now create a connection to a remote desktop from an external network device (from the Internet).
126.96.36.199 myrouter01.keenetic.link myrouter01.dyndns.org
NOTE: Important! When using the domain name KeenDNS, you should use the 'Direct access' mode in the service settings (for public IP addresses).
TIP: Tips: For a safe and secure connection from the Internet to your Keenetic router and home network computer, we recommend you to use a VPN connection. Turn on the L2TP/IPsec or PPTP VPN server on the Keenetic router. First, set up a connection from the external network device (from the Internet) to the VPN server and then through it, you can access your home computer via RDP protocol. In this case, you won't need to create a port forwarding rule, and you will need to specify the IP address of the computer on your home network as the computer to connect to — for example, 192.168.1.31.
Private IP address
If you have a private IP address on your router for Internet access, you will not be able to connect directly to a computer on your home network (this requires a public IP address). Also, the RDP protocol (TCP/3389) will not work through our cloud service KeenDNS. KeenDNS in 'Cloud access' mode works only for HTTP/HTTPS protocols.
But you can use an SSTP VPN server on the Keenetic router. The SSTP server allows you to establish a connection between client and server, even if you have a private IP address. You will need to create a connection from the external network device (from the Internet) to the VPN server, and then through it, you can access your home computer via RDP protocol. In this case, the RDP connection will work inside the SSTP tunnel, and nothing will interfere with remote access via the RDP protocol.
In the router's web interface, it is necessary to register the computer in a local network (to which you plan to organize remote connection) and assign a permanent IP address to the computer.
Then configure the SSTP server on the Keenetic router as described in the article SSTP VPN server.
From the external network device (from the Internet), set up a connection to the SSTP VPN server. To connect to the server, you can use as a client:
- Windows computer — Connection via SSTP from Windows;
- Android mobile device — Connecting via SSTP from Android.
Next, create a connection to the remote desktop.
You will need to specify the IP address of the computer on your home network as the computer to connect to — for example, 192.168.1.31.
NOTE: Important! As the SSTP VPN server, in case of a private IP address, works via the Internet cloud, in the settings of the KeenDNS service, only the 'Cloud access' mode should be used.