Using a dynamic DNS service to secure remote access

I recently had to come up with an inexpensive and reliable way to secure remote access (RDP in this case) for my clients. We had been using non-standard ports to provide some security, but hackers were now scanning our network for those ports. I had introduced the use of VPNs to many of my clients, but for the most part they proved to be too cumbersome for my clients to use. Almost every firewall on the market can restrict access by IP address, and most firewalls can recognize fully qualified domain names (FQDN). I had my clients subscribe to a DDNS service; NO-IP.COM was the one we chose because it had a feature that allowed me to create a different login for each domain name, and I restricted access by the FQDN that we created on NO-IP.COM.

So for client XYZ I created several DDNS records such as XYZ1.DDNS.NET, XYZ2.DDNS.NET, XYZ3.DDNS.NET and so on. Then I restricted access through the firewall to the IP address that resolved to that particular domain name. Then my clients could take their laptops anywhere in the world, run the Dynamic Update Client to update the DDNS service with the correct IP address, wait a couple of minutes for the firewall to update its records and they had access to our remote server.
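The refresh cycle described above, modelled as an added example (not the author's firewall configuration or NO-IP code): each pass re-resolves the DDNS names, drops the address a client has moved away from, refuses answers in private or loopback ranges, and keeps a last-known address only briefly when a lookup fails. The function names, the rejected-range policy and the 600-second grace period are assumptions, and the addresses are constructed documentation-range samples.

```python
import ipaddress

# Assumed policy: ranges that should never get a remote-access rule.
REJECT = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]

def usable(addr):
    """True if addr parses as IPv4 and is outside the rejected ranges."""
    try:
        ip = ipaddress.IPv4Address(addr)
    except ValueError:
        return False
    return not any(ip in net for net in REJECT)

def refresh(hostnames, resolve, state, now, max_stale=600):
    """One refresh pass over the allowlist.

    state maps hostname -> (ip, last_seen_epoch). resolve(hostname) returns
    an address string or raises OSError (socket.gethostbyname behaves this
    way). Returns (new_state, allowed_ips, removed_ips).
    """
    new_state = {}
    for host in hostnames:
        try:
            addr = resolve(host)
        except OSError:
            addr = None
        if addr is not None and usable(addr):
            new_state[host] = (addr, now)
        elif addr is None and host in state and now - state[host][1] <= max_stale:
            # Lookup failed: keep the last good address, but only briefly.
            new_state[host] = state[host]
        # Otherwise (bad answer, or stale for too long) the host gets no rule.
    allowed = {ip for ip, _ in new_state.values()}
    removed = {ip for ip, _ in state.values()} - allowed
    return new_state, allowed, removed

# Constructed sample input, using the record names from the text above.
HOSTS = ["XYZ1.DDNS.NET", "XYZ2.DDNS.NET", "XYZ3.DDNS.NET"]

def fake_resolver(table):
    """Offline stand-in for DNS: unknown names raise OSError."""
    def resolve(host):
        if host not in table:
            raise OSError("lookup failed")
        return table[host]
    return resolve
```

The `removed` set is the part to watch in practice: until a pass removes it, the address a laptop used previously (a hotel or café network, for instance) can still reach the RDP port.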

At $25 a year for 25 domain names it has turned out to be the perfect solution for providing completely secure remote access to our network.
