Remote desktop connection from outside the network

    Since you don’t have a static public IP, you can use Dynamic DNS (DDNS) with Cloudflare to update your public IP automatically. Here’s a step-by-step guide to setting up RDP via port forwarding with Cloudflare DDNS.


    Step 1: Set Up Port Forwarding for RDP (3389)

    1. Log in to your router (usually 192.168.1.1 or 192.168.0.1).
    2. Find Port Forwarding / NAT settings.
    3. Create a new rule:
      • Protocol: TCP
      • External Port: 3389
      • Internal IP: 192.168.x.x (your shop computer’s local IP)
      • Internal Port: 3389
    4. Save the settings and restart the router.

    Step 2: Get a Cloudflare Domain & API Key

    1. If you don’t have a domain, get one and add it to Cloudflare.
    2. In Cloudflare Dashboard:
      • Go to My Profile → API Tokens.
      • Click Create Token → Use the Edit zone DNS template.
      • Select your domain and Create API Token.
      • Copy the API Token (you will need this in the script).

    Step 3: Install a Cloudflare DDNS Updater on Your Shop PC

    You need a script that updates the Cloudflare A record with your dynamic public IP.

    Option 1: PowerShell Script (Windows)

    1. Open PowerShell as Administrator.
    2. Create a new script file:

        # Values to fill in. The zone ID is shown on the domain's Overview page in the Cloudflare dashboard.
        $domain    = "yourdomain.com"
        $subdomain = "rdp"   # Change to what you want (e.g., rdp.yourdomain.com)
        $apiToken  = "your-cloudflare-api-token"   # The API Token copied in Step 2
        $zoneId    = "your-cloudflare-zone-id"

        # An API Token is sent as a Bearer token; X-Auth-Email / X-Auth-Key only work with the Global API Key.
        $headers = @{ "Authorization" = "Bearer $apiToken" }
        $base    = "https://api.cloudflare.com/client/v4/zones/$zoneId/dns_records"

        # Look up the ID of the A record (the record must already exist in the zone).
        $recordId = (Invoke-RestMethod -Uri "${base}?type=A&name=$subdomain.$domain" -Method GET -Headers $headers).result.id

        # Current public IPv4 address (an A record cannot hold an IPv6 address).
        $publicIP = (Invoke-RestMethod -Uri "https://api.ipify.org").Trim()

        # proxied stays $false: the standard Cloudflare proxy only passes HTTP(S), not RDP.
        $update = @{
            type    = "A"
            name    = "$subdomain.$domain"
            content = $publicIP
            ttl     = 120
            proxied = $false
        } | ConvertTo-Json -Depth 1

        Invoke-RestMethod -Uri "$base/$recordId" -Method PUT -Headers $headers -ContentType "application/json" -Body $update

    3. Save it as update-cloudflare.ps1.
    4. Schedule it to run every 5 minutes:
      • Open Task Scheduler → Create a new task.
      • Set Trigger: Every 5 minutes.
      • Set Action: Run powershell -ExecutionPolicy Bypass -File C:\path\to\update-cloudflare.ps1.

    Step 4: Connect from the Remote PC

    1. On the remote PC, open Remote Desktop Connection (mstsc.exe).
    2. Type: rdp.yourdomain.com:3389
    3. Enter the username & password of the shop PC.
    4. Connect! 🎉

    Security Enhancements

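    • Change the default RDP port to something like 3390 (edit the registry value HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber), then update the router's port-forwarding rule, allow the new port in Windows Firewall, and connect with rdp.yourdomain.com:3390. This cuts down automated scans of port 3389 but does not replace the measures below.
    • Enable Network Level Authentication (NLA), so users must authenticate before a remote session is created.
    • Use a strong password for the RDP user.
    • Consider using a VPN in the future for better security, so the RDP port no longer has to be exposed to the internet.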
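
    The first two items of the list above as a PowerShell script, added here as an example and not part of the original post: it reports the current RDP port and NLA state and, with -Apply, sets them on the shop PC. The port 3390 default, the firewall rule name and the -Apply switch are assumptions of this example.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. $NewPort, $ruleName and -Apply are assumptions.
param(
    [ValidateRange(1024, 65535)][int]$NewPort = 3390,
    [switch]$Apply
)

$rdpTcp   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$ruleName = 'RDP custom port (example)'

function Get-RdpState {
    # Reads the listener settings and checks whether the example firewall rule exists.
    $p = Get-ItemProperty -Path $rdpTcp
    [pscustomobject]@{
        Port         = $p.PortNumber
        NlaRequired  = ($p.UserAuthentication -eq 1)   # 1 = NLA enforced
        FirewallRule = [bool](Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)
    }
}

Write-Host 'Current state:'
Get-RdpState | Format-List | Out-Host

if ($Apply) {
    # Open the new port first so the listener is reachable after the restart.
    if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
            -LocalPort $NewPort -Action Allow | Out-Null
    }
    Set-ItemProperty -Path $rdpTcp -Name PortNumber -Value $NewPort -Type DWord
    Set-ItemProperty -Path $rdpTcp -Name UserAuthentication -Value 1 -Type DWord

    # The listener only picks up the new port after the service restarts;
    # this disconnects any active RDP session.
    Restart-Service -Name TermService -Force

    Write-Host 'New state:'
    Get-RdpState | Format-List | Out-Host
    Write-Host "Update the router rule to forward to internal port $NewPort."
}
```

    Run it without -Apply first to see the current values; run it locally rather than over RDP, since the service restart drops the session.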

    Some ref: https://www.youtube.com/watch?v=DXUTEKsroSo
