How do I make an RDP or SSH connection to my ViUX Cloud Server?
Posted by J.T. Smith on 12 July 2012 12:45 AM
To better secure physical and virtual servers on the ViUX™ Network, we block access to the default RDP (3389) and SSH (22) ports at the network firewall.
ViUX's use of the FortiClient SSLVPN Client to require a secure VPN connection before you are able to make a remote RDP or SSH connection to your VPS / Cloud Server on the default ports is a critical security implementation that greatly improves protection of your server against hackers and other such abuse.
When / if you need to access your VPS / Cloud Server(s) on our network via RDP or SSH, you must first undertake the following actions...
---------- Download & Install ----------
1. Download and install the FortiClient SSLVPN Client for your local system (Windows or Mac). For Windows this would be the file: forticlient_sslvpn-win-v4.0.2148.exe; and for Mac it would be the file: forticlient_sslvpn-mac-v4.0.2252.dmg - (from this point forward all steps are Windows specific).
- To download and install, click the file download link at: https://support.viux.com/index.php?/Knowledgebase/Article/View/2369/185/forticlient-sslvpn-client - and then click the [SAVE] button when prompted.
- Go to the download location and double click the file; then click the [RUN] button on the resulting dialog box.
- In the window that opens, click the [Run as Administrator] button - if prompted to allow changes, click [YES], and then the [INSTALL] button.
- Allow the install to complete and then click the [CLOSE] button.
---------- Start & Configure ----------
- You can also check the box for "Keep connection alive until manually stopped" - if you want to remain connected until you manually disconnect. Then Click the [OK] button again.
- Now your connection details are saved so going forward you can just open the FortiClient SSLVPN Client software and click [CONNECT] whenever you wish to make a VPN connection to the ViUX Network.
- Once connected successfully to the ViUX VPN, you may be prompted to select the network type... select "Public Network" - and then click the [CLOSE] button.
---------- Connect via RDP or SSH ----------
3. After connecting to the ViUX VPN, you can now open your Remote Desktop Client or SSH Client (such as Putty) and make an RDP or SSH connection to your VPS / Cloud Server's IP Address on the default ports (3389 / 22) - just as you normally would. While connected to the VPN you have a trusted IP on the ViUX local network for which RDP / SSH connections are permitted on the default ports.
- You can remain connected for as long as needed; however once you have completed your work, please make sure to BOTH logoff (not just disconnect) your remote session, AND then end your VPN connection. Failure to properly logoff your sessions may prevent subsequent connections and may require a reboot of your server to clear the resulting orphaned session(s).
We do also allow some alternate methods of making an RDP or SSH connection without need for VPN setup and connection...
---------- Alternate Connection Option: Trusted IP ----------
A. If you do not want to setup and make a VPN connection, alternatively, you can open a ticket with firstname.lastname@example.org giving us the IP Address(es) of your local system(s) - and we can set them to be trusted on the remote network and thereby allow RDP and SSH connections on the default ports without need for first making a VPN connection. However this option is really only viable for those with Static IP Addresses, or at a minimum, IP Addresses that rarely if ever change.
---------- Alternate Connection Option: Change Listing Port ----------
B. Another option that allows you to avoid the need for VPN setup and connection is to change the default RDP or SSH listing port. You can do this yourself on the server or you can request that we do so on your behalf via a ticket with email@example.com. We have some alternate ports that are already open in the firewall for this purpose, which will be revealed to you in the support ticket. However this is the least secure option, as security through obfuscation is not "real" security. None the less, even this does still make your server more secure if hackers are unable to connect on the default ports.
For more details on alternate connection options, please see: How do I make an RDP connection to my VPS / Cloud Server without need for a Secure VPN connection?