I have a couple of computers at home, running Windows XP Home
and XP Pro. They are connected to the internet using a broadband router. I’d
like to connect to them from my place of work. How do I do
Well, it may be possible, but there are several barriers in your
way. It could get complicated, but we’ll look at each of the barriers in turn,
and consider ways to overcome them, if possible.
Become a Patron of Ask Leo! and go ad-free!
First, I’m going to assume that you want to connect using Remote Desktop.
Using that, when you finally do connect, you’ll have access to the remote
computer almost as if you were sitting in front of it. The bad news here is
that Remote Desktop is a feature of Windows XP Pro, and is not present in XP
Home. You’ll only be able to access your XP Pro machines using Remote
Our first barrier is your place of work. Depending on how
they are connected to the internet, you simply may not be able to connect out.
Larger corporations often restrict what protocols are allowed to access the
internet. Quite often they restrict access to web surfing and email. If that’s
the case where you work, there’s little recourse, other than pleading with your
IT department to allow the Remote Desktop protocol (on port 3389) to reach the
The next barrier, or at least point of confusion, is your IP
address. The easiest scenario is if you have a static IP address at
home. That way you’ll always know what IP address to connect to. In fact, if
you have a static IP, you can even register and assign a domain to it, so that
you can access your home network by name – something like myhome.mydomain.com –
rather than IP address.
If you have a dynamic IP address, you can still get to your network. You
simply need to know what the current IP address is. There are several
approaches, however none of them are really elegant. For example, you can call
home and ask someone to visit a site such as Plot IP, which will display your IP, and then have them read it
to you over the phone. If you have access to a web server’s access logs, you
can have your computer at home visit a specific web page periodically and
retrieve the IP address from the logs. And finally
there are tools that you can use
to map a domain name – like myhome.mydomain.com – to a dynamic IP. These tools
do require that you install software on your computer to detect IP address
changes, and when a change occurs, it may take up to 48 hours for the DNS
changes to make their way across the internet.
The good news about a dynamic IP is that if your router stays connected
continuously, the IP address is actually not likely to change often.
The next barrier is your router. A router acts as a
firewall, and prevents most connections coming in from the internet. Most
people only connect out, to surf the web, download files or read email, so
that’s not a problem for them. But connecting from a remote location
to your home is a connection coming in from the outside. The router
needs to be configured to forward port 3389 (the Remote Desktop Protocol port)
to the computer you want to connect to. Unfortunately, exactly how that’s done
will vary depending on kind of router you have – you’ll have to check the
Note that I said you need to configure it to forward to the computer you
want to connect to. You can access only one of your computers directly
through your router this way. (There are techniques where you can specify that
Remote Desktop listen on ports other than 3389. Then by using a different such
port for each computer, and forwarding each through the router to the
appropriate computer, you can connect directly to each. That’s beyond the scope
of this article, and more complex than most folks will want to deal with.)
My approach, for what it’s worth, is to allow external remote access to only
one machine on my network. Once connected to that machine I can, if needed, use
Remote Desktop on it to connect to any other machine on my network. It can be a
little confusing from a UI perspective, knowing which of the three machines
connected in sequence my keystrokes are actually going to, but in practice I
don’t do it often.
Our final barrier is your IP address on your LAN. Your IP
address on the internet, whether static or dynamic, is assigned by your ISP and
really identifies only one device: your router. Within your local network, the
router then typically assigns local IP addresses to all of your
computers. The router then handles making sure that all the data traveling
between the computers on your local network and the internet all go to the
Those local IP addresses never leave your network – the internet sees only
your router’s IP address. So when you configure your router to forward port
3389 to a computer, you need to select one of your local computers, and
configure its IP address as the destination for Remote Desktop. Then, when the
router receives a Remote Desktop request from the internet, it forwards that
request to the computer whose IP address you configured.
The “problem” is that your local network is, more than likely, using dynamic
IP addresses. That means that the IP addresses that are assigned to each computer
could change over time. If you leave your computers on all the time, the
addresses won’t change, and you’re probably OK configuring the router with the
current IP address of the computer you want to access remotely. If it ever
changes, you’ll need to update your router’s port forwarding configuration for
If that’s unacceptable or inconvenient, the only real solution is to
configure one of your computers to have a static IP address, and then configure
the router to forward to that one as the Remote Desktop target. Depending
on your router it can be as easy as:
- Configuring the router to assign IP addresses from one range … say
192.168.1.100 and up.
- Configuring the TCP/IP properties of one of your machines to be a static
IP, and defining it with a value out of that range – say, 192.168.1.2 (normally
192.168.1.1 is reserved for the router itself).
In many cases that’s enough. In cases where other machines on your network
cannot “see” this one machine, it may be necessary to add an entry to the “hosts”
file on all the other machines that defines the static IP address for this one
There’s more on hosts in this article: Can I fake the DNS IP
lookup to test my website?.
As you can see, things get fairly complex fairly quickly. There are other
solutions, but I’ve not tried any of them myself so I’m not qualified to
comment on their suitability or their ease of setup:
- Commercial solutions such as PC
Anywhere, or GoToMyPC.
- VNC (Virtual Network Computing) solutions that operate much like Remote
Desktop. RealVNC is one example.
- VPN (Virtual Private Network) solutions that create a virtual connection to
your entire local network. In recent years, some types of routers come with VPN
support built in.
Perhaps some readers will chime in with their experiences with those, or