Blog

How to access a remote Windows hidden behind NAT over RDP?

How to access a remote Windows hidden behind NAT over RDP?

RDP (Remote Desktop Protocol) is a proprietary protocol developed by Microsoft, which provides a user with graphical interface of a remote computer in order to use that computer remotely.

Imagine that you are for instance on a vacation and you need to access your remote computer. If the computer has a real public static IP address, you can access the computer using RDP without any trouble. But if the remote computer is hidden behind NAT (its real public IP address is shared by many computers in that network and can be changed anytime), the RDP connection cannot be established.

The solution is simpler than it might seem.

What do you need for RDP connection to a remote PC behind NAT?

  • A remote computer with Windows Professional secured by a username and a password.
  • Real public static IP address provided by UnblockVPN – Dedicated IP
  • A router with VPN client and port forwarding. Example: TP-Link TL-WR841N

Solution overview

This following guide describes a case when you have an access to your wireless router in order to configure VPN client in there. But if you do not have an access to the router, you would need to connect your Windows Professional to UnblockVPN directly in order to get a public static IP for RDP connection.

The following diagram shows the connection between all devices.

RDP connection over VPN - diagram

As you can see, the main goal is to connect your laptop (RDP Client) to the Windows Professional (RDP server). But if your Wireless Router does not get a non-shared public static IP address from your ISP (Internet Service Provider), you need to get such IP address from UnblockVPN.

Once you connect your Wireless Router to the UnblockVPN, it will get a non-shared public static IP address. After that, the router will be visible and accessible from the Laptop using that IP address.

Now you have access to the wireless router, but not to the Windows Professional (RDP Server). So you need to tell the Wireless Router to forward all RDP data (usually port 3389) to the Windows Professional.

And that's it. Let's look at the detailed guide of how to configure all the mentioned steps with a real situation and devices.

Main guide – How to configure it?

  1. First thing you need to do is to connect your router to VPN in order to get public static IP address and set up port forwarding to port 3389. This step is described in following guide: VPN and port forwarding configuration guide for TP-Link TL-WR841N.

  2. You have to allow RDP on the computer that you want to access remotely. Enter the word “Allow” into Windows Search Bar and click on “Allow remote access to your computer”.

  3. RDP connection over VPN - diagram

  4. Go to “Remote”, check “Allow remote connections to this computer” and click “OK”. That is all you have to do on the remote computer that you want to access.

  5. RDP connection over VPN - diagram

  6. On your RDP client (the computer which you will access your remote computer from) open Windows search bar and enter word “Remote” and click on “Remote Desktop Connection”.


  7. RDP connection over VPN - diagram

  8. Enter your UnblockVPN dedicated IP address (the IP which has been assigned to the wireless router in STEP 1 in this guide) and click “Connect”.

  9. RDP connection over VPN - diagram

  10. Enter Windows login details of the remote computer (RDP Server).

  11. RDP connection over VPN - diagram

  12. This is how a successfully established remote connection looks like. You can control the remote computer in the opened window.

  13. logo
    RDP connection over VPN - diagram


Conclusion

This solution works not only for RDP connection, but you can use it for a remote connection to CCTV, NAS or different type of a remote server. If you need any further help or if you have any questions, please feel free to contact us.