Announcement

Collapse
No announcement yet.

Remote Connection can't be made to terminal server from outside network.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Remote Connection can't be made to terminal server from outside network.

    I have a Windows 2003 Server R2 setup with terminal server. 2 NIC one set to internal LAN and the other hooked direct ot internet. I can get a remote connection from any workstation (XP and RDP 5.2) on the local LAN but if I try to make a connection outside network using fixed IP address, it cannot make the connection.

    This is my first time for setting up terminal services and I am using it to provide access to an application on server to remote workstations.

    Any help you can give me would be appreciated, as I am trying to finish a job so that I can get paid.

    Thank you,

    zadkin

  • #2
    Re: Remote Connection can't be made to terminal server from outside network.

    When you say "direct to the internet", is there a firewall maybe? Do a shields up port scan on port 3389 to see if it is really open.
    "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

    Comment


    • #3
      Re: Remote Connection can't be made to terminal server from outside network.

      Did the sheilds up and it reports port 3389 as "stealth". Most of my ports on in stealth mode for this windows server. What is the best way to open it and still maintain security?

      thanks.

      Comment


      • #4
        Re: Remote Connection can't be made to terminal server from outside network.

        If this is only a TS and nothing else, then all but 3389 should be closed/stealth. 3389 has to be open if your are to connect to it from outside. Security is maintained by a good password policy, and all the other security measures. (AV, Patches, etc...)
        "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

        Comment


        • #5
          Re: Remote Connection can't be made to terminal server from outside network.

          How do you open port 3389 on server 2003?

          Comment


          • #6
            Re: Remote Connection can't be made to terminal server from outside network.

            Its on the firewall. Do you have a router or modem/router? The server does have a firewall of its own, but i do not think you (in this case) have to worry about it
            "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

            Comment


            • #7
              Re: Remote Connection can't be made to terminal server from outside network.

              Just for testing sake I disabled windows firewall. I did set the firewall to allow port 3389 traffic. The server has two NIC. One to serve the internal LAN and the other direct to internet through a Netopia Cayman 33456 DSL modem. I was reading documentation on it but it seems to have no Port blocking capabilities.

              Should TCP/IP filtering be enabled in the LAN connection properties? I see where i could allow just the 3389 port but it might block other ports that are needed..

              Comment


              • #8
                Re: Remote Connection can't be made to terminal server from outside network.

                Originally posted by zadkin View Post
                Just for testing sake I disabled windows firewall. I did set the firewall to allow port 3389 traffic. The server has two NIC. One to serve the internal LAN and the other direct to internet through a Netopia Cayman 33456 DSL modem. I was reading documentation on it but it seems to have no Port blocking capabilities.

                Should TCP/IP filtering be enabled in the LAN connection properties? I see where i could allow just the 3389 port but it might block other ports that are needed..
                Check your model number, but i think you mean 3346. In any case it does have NAT and that is where you have to define the rule that allows 3389 from external to internal. Read up on NAT here. I am afraid that you will be on your own with the modem as i do not have a netopia box.
                "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

                Comment


                • #9
                  Re: Remote Connection can't be made to terminal server from outside network.

                  This might help, but confirm the model number
                  "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

                  Comment


                  • #10
                    Re: Remote Connection can't be made to terminal server from outside network.

                    Yes it is a 3346. I called service provider (megapath) they check configuration of router. The NAT is disabled and all ports are open. So I am think that somehow port 3389 is blocked at server?

                    thanks really do appreciate your help

                    Comment


                    • #11
                      Re: Remote Connection can't be made to terminal server from outside network.

                      Do you suppose it would be a good idea to turn on NAT in the netopia router and forward the port?

                      Comment


                      • #12
                        Re: Remote Connection can't be made to terminal server from outside network.

                        Originally posted by zadkin View Post
                        Yes it is a 3346. I called service provider (megapath) they check configuration of router. The NAT is disabled and all ports are open. So I am think that somehow port 3389 is blocked at server?

                        thanks really do appreciate your help
                        That could be, did you start the firewall service on the server (not TCPIP filtering).
                        If you did you will have to configure it to allow 3389.
                        "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

                        Comment


                        • #13
                          Re: Remote Connection can't be made to terminal server from outside network.

                          Originally posted by zadkin View Post
                          Do you suppose it would be a good idea to turn on NAT in the netopia router and forward the port?
                          Yes, Absolutely!
                          "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

                          Comment

                          Working...
                          X