Announcement

Collapse
No announcement yet.

Remote desktop only working internally and via VPN

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Remote desktop only working internally and via VPN

    Hi,

    We've had no problem accessing the server and various desktops via the RWW in the past but recently (past few months) we've only been able to use remote desktop on RWW via LAN computers and externally if you're connected via VPN.

    Now, port 3389 is forwarded correctly through the router. canyouseeme.org/ shows 3389 as open, it appears in the router log as following the rule successfully.

    When connecting to the server I get the prompt about clipboard sharing then after a delay of around 5-10 seconds I get a "Remote Desktop Disconnected" message:

    Error message

    This has effected remotely accessing client desktops as well as that simply doesn't work externally at all, VPN or no VPN.

    I've gone round and round in circles checking everything against so many website but I'm just completely stuck.


    It's a dual NIC setup, the router NIC is 192.168.0.3 and the rule on the router is forwarding the port to that address but then it's forwarding all the other stuff like RWW ports to that address as well and it's fine.


    Any clues?



    Edit, sorry for the multiple threads. I didn't want to put all the different problems in one thread.

  • #2
    Re: Remote desktop only working internally and via VPN

    RWW uses port 4125 not 3389 for the remote desktop part

    Comment


    • #3
      Re: Remote desktop only working internally and via VPN

      I have 4125 forwarded as well.

      Comment


      • #4
        Re: Remote desktop only working internally and via VPN

        I've just checked it again and although 4125 is forwarded correctly on the router it doesn't seem to be getting through. Checking the router logs I can see this:

        Thu, 2008-02-14 08:59:34 - TCP Packet - Source: xxx.xxx.xxx.xxx,47701 Destination: xxx.xxx.xxx.xxx,4125 - [RWW rule match]

        So the router is forwarding it correctly but running the test on canyouseeme (I dunno how valid this is as a test) gives this:

        Error: I could not see your service on xxx.xxx.xxx.xxx on port (4125)
        Reason: Connection refused


        I've also found out that viewing the internal website remotely doesn't work either. I imagine it's the same problem. Where can I check on the server that port 4125 is open?
        Last edited by Dazzla; 14th February 2008, 10:07.

        Comment


        • #5
          Re: Remote desktop only working internally and via VPN

          get nmap for windows from insecure.org

          nmap localhost -to see which ports are open and listening
          ________
          Lincoln continental mark vii
          Last edited by DYasny; 6th March 2011, 18:03.
          Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

          BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

          Comment


          • #6
            Re: Remote desktop only working internally and via VPN

            When running "nmap localhost" I get:

            Starting Nmap 4.53 ( http://insecure.org ) at 2008-02-14 11:28 GMT Standard Time
            Skipping SYN Stealth Scan against localhost (127.0.0.1) because Windows does not support scanning your own machine (localhost) this way.
            0 ports scanned on localhost (127.0.0.1)

            Nmap done: 1 IP address (1 host up) scanned in 0.062 seconds
            I've had a quick search around the net but I've not really got any more idea.


            Edit, I scanned it from a client machine, port 4125 isn't open on either NIC.

            Edit again, I reran the email and internet connection wizard and had it configure RWW / 4125 as open but running nmap on both NICs doesn't pick up port 4125 as open.
            Last edited by Dazzla; 14th February 2008, 12:52.

            Comment


            • #7
              Re: Remote desktop only working internally and via VPN

              Originally posted by Dazzla View Post
              I've also found out that viewing the internal website remotely doesn't work either. I imagine it's the same problem. Where can I check on the server that port 4125 is open?
              To view the internal web site externally, you need access on port 444. Re-run the CEICW and in the firewall settings check the appropriate boxes.
              Telnet giving/not giving the required response is as good a test as any.
              TIA

              Steven Teiger [SBS-MVP(2003-2009)]
              http://www.wintra.co.il/
              sigpic
              Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

              We donít stop playing because we grow old, we grow old because we stop playing.

              Comment


              • #8
                Re: Remote desktop only working internally and via VPN

                I also have 444 open on the router, I'll double check tomorrow if nmap is showing it open on the server.

                Comment


                • #9
                  Re: Remote desktop only working internally and via VPN

                  Try to run PortQry.exe tool against your External IP on router

                  Portqry.exe -n (YOUR IP) -o 443,444, 4125

                  I f you have your ports open and configured correcly you should see output:

                  (Your IP) has been resolved to ....

                  TCP port 444 ..... LISTENNING
                  TCP port 443 ..... LISTENING
                  TCP port 4125....LISTENING

                  It means that your pors are configured OK .. so now you have to look at something else ... on the server

                  Also you mentioned that you have 2 NICS

                  I assume that you have setup something like this:

                  ---- WAN - ROUTER - 192.168.1.1 - SBS - LAN 192.168.0.3 -- local network

                  your rules on the router/firewall should point such as:

                  443 - From * to LAN 192.168.0.3
                  444 - From * to LAN 192.168.0.3
                  4125 - From * to LAN 192.168.0.3

                  Also .. when accessing your RWW over Internet .. make sure you add your https://SERVER. FQDN.com into trusted sites before you clikc on Connect to desktop ... You can do it by TOOLS / Internet Options / Security / Trusted Sites and add your server link here such as https://srv.yourdeomain.com

                  Try to conenct to desktop -- you may receive a popup to install the MS ActiveX component .. once instaleld you should be able to connect

                  Good luck

                  Comment


                  • #10
                    Re: Remote desktop only working internally and via VPN

                    Another point I forgot to mention. SBS only opens 4125 after a succesful SSL connection has been established.
                    The whole procedure is here
                    TIA

                    Steven Teiger [SBS-MVP(2003-2009)]
                    http://www.wintra.co.il/
                    sigpic
                    Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

                    We donít stop playing because we grow old, we grow old because we stop playing.

                    Comment

                    Working...
                    X