How to Set Up Remote Desktop

Last updated on February 18, 2025

Remote Desktop is a Windows technology that allows client computers to remotely access the host computer’s Windows programs, files, and network resources. After connecting, users can remotely control the host computer using their client computer’s mouse and keyboard as if the host computer was their own.

How to set up Remote Desktop Connection on the host computer

To prepare the host computer for Remote Desktop connections, do the following:

1. Ensure the host computer runs on a Professional, Enterprise, or Ultimate Windows edition. Other editions do not support incoming remote desktop connections. Here’s how to check your Windows edition.

2. On your host computer, navigate to Start → Settings → System → Remote Desktop and toggle the Enable Remote Desktop switch.

3. If prompted to confirm turning the remote desktop on, click Confirm.

4. Click Advanced Settings and check Require computers to use Network Level Authentication (NLA) to connect.

5. Navigate to Start →  Control Panel → System and Security and click Allow an app through Windows Firewall.

6. Click Change settings, find Remote Desktop, check the checkbox for Private and Public, and click OK to confirm your changes.

7. Launch the Command Prompt as administrator, execute the command ipconfig, and note the IPv4 Address.

8. Navigate to Start →  Control Panel → System and Security and click Allow remote access.

9. Select Allow remote connection on this computer and click OK.

10. If you are using a local network, your Remote Desktop configuration on the host computer is complete, and you can now access Windows programs remotely.

However, if you are not using a local network, you must make the host computer connect over the Internet.

You can do that through Port Forwarding or Using a VPN.

How to use Remote Desktop Connection over the Internet using a VPN

1. Navigate to Settings → Network & Internet → VPN and click Add a VPN connection (or Add VPN if you are using Windows 11).

2. Enter all the required information (VPN provider, connection name, server name, VPN type, type of sign-in info, user name, and password) and click Save.

3. Windows will add your new VPN connection. You can now click Connect to connect to the VPN.

How to use Remote Desktop Connection over the Internet using Port Forwarding

If you cannot use a VPN, you can set up port forwarding instead.

Port forwarding is a feature that makes the client computer gain remote access to the host computer by using the host computer router’s external IP address.

Protect Your RDP with Robust MFA – Try It Free for 30 Days →

Set your IP to static for Port Forwarding

1. Open the Command Prompt and run the ipconfig/all command.

2. Copy the values of the IPv4 Address, Subnet Mask, Default Gateway, and DNS Servers. You are going to need them later.

3. Open the Control Panel and navigate to Network and Internet → Network and Sharing Center.

4. On the sidebar, click Change adapter settings.

5. Right-click the active adapter to open the context menu and select Properties.

6. From the list in the Networking tab, select Internet Protocol Version 4 (TCP/IPv4) and click the Properties button.

7. In the General tab, select Use the following IP address.

8. Paste the values of the IPv4 Address, Subnet Mask, and Default Gateway that you copied before into the fields under Use the following IP address.

9. In the Use the following DNS server addresses section, add your DNS server (the value copied before) in the Preferred DNS server field.

10. Click OK to save your changes.

Configure your router for Port Forwarding

1. Log in to your router’s admin console.

2. Find a port forwarding option in your router’s admin console. Depending on the router, it can be under various categories, such as Network or Forwarding. So, you might want to look at the router’s documentation for more information on where it is located.

3. Enable port mapping on your router and set the following options.

Type	Application
Mapping Name	RDC
Internal host	IP address of the host computer (this is the IPv4 address you copied before)
Protocol	TCP
Internal port	Enter your RDP port to allow RDC to forward this TCP port on your router. The default port for RDP is 3389. Note that you can change the RDP Port in Windows.
External port	Enter your RDP port to allow RDC to forward this TCP port on your router. The default port for RDP is 3389. Note that you can change the RDP Port in Windows.

4. You have successfully set up Remote Desktop Connect on the host computer. You can now access Windows programs remotely.

Why Remote Desktop Security Matters

Using Remote Desktop connections requires robust authentication mechanisms that protect users and the corporate network from unauthorized access. Opening Remote Desktop ports to the public Internet is a huge security risk and increases the likelihood of cyberattacks. If you use a VPN instead of Port Forwarding, you still have to ensure the security of both your VPN and RDP connections. Since most companies protect their VPN and Remote Desktop connections with nothing but a password, hackers target weak points in these technologies, like open TCP ports or old VPN accounts, to wedge their way into the company’s network.

All the preceding makes Remote Desktop (and VPN) security of paramount importance. A firewall is good, but it is not enough. You need something to ensure the top security of user logins for RDP, VPN, and possibly many other services, such as RD Web Access and RD Gateway.

Enhancing Remote Desktop Security

Implementing Remote Desktop Protocol (RDP) facilitates convenient access to your system from remote locations. However, without proper security measures, it can expose your system to potential threats. To safeguard your data and maintain system integrity, consider the following best practices:

1. Enable Network Level Authentication (NLA)

• NLA requires users to authenticate before establishing a remote session, adding an extra layer of security.
• To activate NLA:
  • Navigate to Start → Settings → System → Remote Desktop.
  • Click Advanced settings.
  • Ensure the option Require computers to use Network Level Authentication (NLA) to connect is checked.

2. Implement Multi-Factor Authentication (MFA)

• MFA adds an additional verification step, significantly reducing the risk of unauthorized access.
• Integrate Rublon’s MFA for Remote Desktop to enhance your RDP security seamlessly.
• For a seamless and secure integration, consider utilizing Rublon’s MFA for Remote Access Software.
• Rublon provides easy-to-deploy solutions that enhance your system’s security without compromising user convenience.

3. Use Strong, Unique Passwords

• Ensure all accounts with RDP access have robust passwords combining uppercase and lowercase letters, numbers, and special characters.
• Regularly update passwords and avoid reusing them across different accounts.

4. Restrict RDP Access

• Limit RDP access to specific IP addresses to minimize exposure.
• Configure your firewall to allow RDP connections only from trusted networks.

5. Keep Systems Updated

• Regularly install updates and patches for your operating system and RDP client to protect against known vulnerabilities.

6. Monitor RDP Logs

• Set up alerts for suspicious activities to respond promptly to potential threats.
• Regularly review Remote Desktop logs to detect any unauthorized access attempts.

How Rublon MFA Protects Your Remote Desktop Connections

Rublon Multi-Factor Authentication (MFA) is a sophisticated solution to VPN and RDP security challenges. It allows you to enable robust, cutting-edge protection for all users who use Remote Desktop Services (RDS) and connect to a VPN. With Rublon, you can enable the following:

• MFA for RDP
• MFA for RD Gateway
• MFA for RD Web Access
• MFA for RD Web Client
• MFA for RD Web Feed
• MFA for VPN
• And many more!

Interested?