Remote Desktop via a PuTTY tunnel

May 24th, 2008    15 Comments

I'm still reloading things back onto my home PC after my recent Windows reinstall. It's going to a while yet before it's all back on there. The most recent thing I had to get working again was getting a Remote Desktop session to machines at work.

Setting up Windows Remote Desktop to allow you to use another machine on the same local network is very straightforward. Getting a Remote Desktop connection to a PC on a private external network is a little more tricky. I use PuTTY to SSH to the gateway machine at work.

PuTTY

Part of the PuTTY session is a series tunnels from ports on my local machine to ports on machines on the remote desktop. One of these is a mapping from the localhost port 3389 to port 3389 on a machine at work. Port 3389 is the port used by Remote Desktop, so this tunnel should mean that, once PuTTY has connected me to the external network, I can Remote Desktop to localhost and I will, as if by magic, get the login prompt for the remote machine.

However, having copied back into PuTTY the sessions from my previous Windows installation*, when I connected to the remote machine and then did a Remote Desktop to localhost I got the error message: "The client could not connect. You are already connected to the console of this computer. A new console session cannot be established."

RemoteDesktopError

The reason for this, it turns out, is that Remote Desktop knows it shouldn't allow circular connections: from this computer to this computer. So it rejects attempts to connect to 127.0.0.1. Now, as localhost resolves to 127.0.0.1, this gets rejected also.

However, on Windows, all other IP addresses in the 127.x.x.x range also represent the local machine, and Remote Desktop does not block these addresses. So this allows you to map port 3389 on one of these addresses (e.g. 127.0.0.2 or 127.254.254.254) to port 3389 on a remote PC and then you can specify that address in the Remote Desktop login window.

Note: Although the Source port field is clearly intended just for a port number, you can also put an IP address in there, followed by a port number - for example, 127.254.254.254:3389 - and then the remote IP address or hostname, followed by the port number, in the Destination field.PuTTY2

RemoteDesktoplogin 

* The PuTTY sessions for each Windows user are stored in the Windows registry in:

HKEY_USERS > [GUID for user] > Software > SimonTatham

Before reinstalling Windows I'd exported the whole registry to a .reg file on my network drive. To put the details into the new registry all I had to do was open up the .reg file in a text editor, save it with a name like putty.reg on the desktop of the target PC, delete everything in the file after the first line up to the start of the HKEY_USERS > [GUID for user] > Software > SimonTatham section and everything after that section, then save it again. Then you just need to right-click the icon on the desktop and choose Merge.

Potentially similar posts

Comments

Feed Trackback Address
  1. User Gravatar Matthias Rohe said:

    January 20th, 2009 at 3:23 pm (#)

    Thanks a lot. That's just what I needed!
    Matthias

  2. User Gravatar Mark said:

    October 31st, 2009 at 6:35 pm (#)

    To get it to work for me, I had to change the local port to something other than 3389 (i.e. so that I would put 127.0.0.2:3390 into mstsc.) Not sure why but I would always make a rdp connection to the local box if I used 3389.

  3. User Gravatar Window2008 said:

    January 11th, 2010 at 2:47 pm (#)

    Hi M8. The above works fine if you got the Windows 2003 and older versions. under Win 2008 (peace of Junk !) and W2K8R2, no matter what 127-IPRange does end up to circular connection issue ! I am getting really tired of this Windows Shit. So much time does it cost us all. I am still searching for a solution to the mentioned problem. If I manage to get a solution I will post it here

  4. User Gravatar Alistair said:

    January 11th, 2010 at 3:11 pm (#)

    Sorry to hear it doesn't work for you. I feel your pain!
    If you find a solution please do post a link here. Thanks.
    -Alistair

  5. User Gravatar coolbeans said:

    February 17th, 2010 at 3:17 pm (#)

    Use an IP forwarding service like dynDNS and enter that as the address.

  6. User Gravatar peliroco said:

    March 24th, 2010 at 11:16 pm (#)

    I also ran into this problem. I managed to solve it by setting the local source port to an IP address within my LAN (i.e. i didn't use 127.x.x.x at all). For example: if i know my local IP (the computer you are sitting at) is 192.168.2.20 then i'd input 192.168.2.20:3390 into Source port and 192.x.x.x:3389 into destination. Then using RDP try connecting to 192.168.2.20:3390. This should get around the localhost problem.

  7. User Gravatar Dixie said:

    May 6th, 2010 at 8:54 am (#)

    Had the same problem with windows XP (it tries to setup an rdp session to the localhost regardless of the port forwarding in putty)

    I think that perhaps doing:

    Source: localhost:3390
    Destination: remote.pc.example.xyz:3389

    Is even a bit more transparent than the suggestion by peliroco and for me it works just as well.

  8. User Gravatar Venevus said:

    November 17th, 2010 at 8:26 pm (#)

    sweet mother of god! you're my hero, I've been searching for hours as to why the magic that everyone else was experiencing wouldn't work for me. Finally someone who actually knows some shit and doesn't just copy-paste from other sites. you rock.

  9. User Gravatar itauthor said:

    November 18th, 2010 at 12:47 pm (#)

    Thanks! Very funny comment.
    Glad you found it useful.
    :-)

  10. User Gravatar Steve said:

    March 1st, 2011 at 5:01 pm (#)

    Yes, make sure when you remote desktop you connect to 3390.

  11. User Gravatar dancehall974 said:

    April 6th, 2011 at 8:26 pm (#)

    Is it possible to have a configuration such as :
    Local Computer --> TUNNEL --> FIREWALL --> TUNNEL --> Remote Computer ?

  12. User Gravatar ankit said:

    July 20th, 2011 at 9:14 am (#)

    i couldnt do it!!!

  13. User Gravatar Vanessa said:

    November 23rd, 2011 at 3:01 pm (#)

    Thanks for this detailed description, we are currently testing if the Remote Desktop solution is something that we could use in our company. This descriptions helps us to utelize it better.

  14. User Gravatar Frank said:

    January 30th, 2012 at 1:57 pm (#)

    I've tested a lot w/ all and a combination of most all on this page with no luck. :-(
    Though, I think I've gotten to the point where RD is talking to the port Putty is listening to, but Putty is not forwarding the data over the tunnel. Here's my settings:
    Local: 127.254.254.254:3306
    Destination: 24.60.229.XXX:3389
    RD: 127.254.254.254:3306
    Now the reason I think that RD is communicating with Putty is b/c when I run it I get the login prompt at my local PC. If I change the RD port number up or down a port number, I get the message that the remote computer is not found... This tells me that there is a Terminal Service process listening on 127.254.254.254:3306. It has to be Putty. But, why isn't Putty forwarding the data/request over the tunnel?
    All responses are welcome...
    F

  15. User Gravatar Frank said:

    January 30th, 2012 at 2:09 pm (#)

    One other note: I'm using Windows 7.

Leave a comment