Unable to Get Port 3389 Open and “Seen” for Remote Desktop (from iPad over Fios Router to XP Laptop)

I am working to get remote access to my corporate laptop from my iPad using remote desktop.

  • Laptop – Running Windows XP SP3, my corporate IT folks have turned on Remote Desktop.
  • Router – My home network has a Fios Actiontec MI424-WR (revE) router, and I have turned on port forwarding for 3389, pointing to the IP address of my laptop on the home network (192.168.x.x).
  • iPad – The iPad is running Mocha Remote Desktop (RDP), where the configuration requires only the IP and port; I have configured with the external IP address for my router, and port 3389.

I am able to connect with remote desktop when the iPad and laptop are both on my local network at home.  But when the iPad is on an external network, it fails to connect and times out.

I have tried setting up Dynamic DNS on the router (created a DynDNS account, entered the xxx.dyndns.org host name in the router settings, and tried pointing the iPad’s remote desktop app to xx.dyndns.org) but this also failed to connect and timed out.

(I can not try Remote Desktop with another port, as I can not make admin changes to the corporate issued laptop.)

Here are some of the rudimentary diagnostics I have checked:

  • Listening – When I run ‘netstat –a’ from the laptop, it shows that the machine is listening to port 3389.
  • CanYouSeeMe – When I test for port 3389 using CanYouSeeMe.org on the laptop, it reports that it can not see my service on Port 3389.

Why would port 3389 show as forwarded on the router settings, be show as listening from the laptop with netstat –a, but not be “seen” with port testing?  What am I missing to be able to connect from outside of my own network?

Re: Unable to Get Port 3389 Open and “Seen” for Remote Desktop (from iPad over Fios Router to XP Lap
Community Leader
Community Leader

There is something that I have quote.

Quick quote from http://forums.verizon.com/t5/FiOS-Internet/Create-incoming-VPN-with-Westell-A90-9100EM15-10/td-p/251...

Now, before I get in trouble with the "Terms of Service" gods, just let me say that running a "server" on a residential connection is not permitted per your terms of service.   So if that's your intent, I would urge you to review your requirements and/or consider a business class of service.

I would urge you to check out LogMeIn's Hamachi product.   They have a free version for non-commercial use which allows you to quickly and easily build a private network of up to 16 devices and a pay version which can do many more.   It's handy for those gaming sessions which require all the computers to be on the same "network" in order to find each other and function.   It's a cloud based VPN service, so there is no "server" component on your end which should keep you clear of any "terms of service" trolls.


Re: Unable to Get Port 3389 Open and “Seen” for Remote Desktop (from iPad over Fios Router to XP Lap
Community Leader
Community Leader

Hey, I recognize that quote.   Smiley Wink

I will add the in this particular situation (remote desktop), another approach would be to check out Logmein's free service (you do have to pay for the iPad application) or check out the Jump Desktop iPad application.   Both have components that once you have the iPad client, you can install the remote desktop component on your home system and access it from anywhere without needing to keep tabs of port forwarding, etc.   I recommended this to a number of folks and they are very happy with the solution (even though the app has an initial cost).  I use Jump personally from my iPad all the time to my home Windows machine and MacBook and it works like a champ.

I suspect your particular issue is either an address mismatch or a firewall (system level or network level) firewall that's somewhere in your path.  

Re: Unable to Get Port 3389 Open and “Seen” for Remote Desktop (from iPad over Fios Router to XP Lap
Community Leader
Community Leader

If it works from inside and not from outside then the issue is your firewall rule.

I'm assuming you're trying this just for experimentation not to run a server in contravention of your TOS.

The firewall rule should look like this

TCPAny -> 3389                           NOTE that is says Any on the left side.

 The destination host should be 192.168.1.X       where X is is the IP address of the desktop you are trying to get to.