Question

Server 2008 refuses remote desktop connection from outside of network

Asked by: wilf_thorburn

I am running server 2008 with AD and the servier is the DHCP server as well as the DNS server.  If I am on site and on the inside network [192.168......] I can connect without any problem, and do all server work remote from the server.  When outside the LAN, I can VPN in and manage a workstation on the network, but if I try log on to the server, I get a 0x80090304 error refusing connection.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-08-04 at 20:32:25ID24626915
Topics

Peripherals

,

Computer Servers

Participating Experts
3
Points
500
Comments
14

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. VPN and DNS
    After I successfully VPN into my PIX I am not able to browse or access any part of the network. I only use DNS, no WINS. I look at the clients event log and I see this. The system failed to register network adapter with settings: Adapter Name : {734E1C62-6097-4F6B-A1F8...
  2. DHCP,DNS Servers
    Hi all, I have some knowledge on DHCP ,DNS servers and what they do. But I fail to understand where actually these servers reside so that DHCP server allot a Ip address to the terminal and DNS server will resolve Name to Ip address. Do they reside somewhere in the interne...
  3. Can't go online from workstation, just installed W2K3 w…
    Hi, Just installed Windows 2003 Server Standar and trying to go online from one workstation, but can not. Let me give some details about network setup. Internet and network: Time Warner cable, dynamic IP Verizon DSL, Dynamic IP Both connected to Xincom 2xWAN VPN Gateway/...
  4. DNS not working with our VPN connections.  Users canno…
    We have a VPN setup using the Linksys WRV54G Wireless VPN router. Users can connect to the network through VPN using the QuickVPN client. However, users cannot terminal service into a server or station unless they use the IP of the computer. Name resolution is not working f...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: parmbirmannPosted on 2009-08-04 at 20:37:10ID: 25019989

Lower Remote Desktop Security - On your terminal services server goto System Properties -> Remote Tab -> Allow connections from computers running any version of remote desktop (less secure).

or

0X80090304 error in the Windows operating system is associated with a certain application. Errors like 0X80090304 could occur because of incorrect records in Windows Registry which is a crucial part of your Windows operating system. If it is not functioning correctly certain file extensions won't be recognized and Windows will report an error.  Check your Event Log.

 

by: wilf_thorburnPosted on 2009-08-05 at 04:38:52ID: 25022193

The security is allready set to the setting suggested.

 

by: PaperTigerPosted on 2009-08-05 at 06:50:05ID: 25023406

can you ping the server? what are the IP addresses for both server and your machine?

 

by: lnkevinPosted on 2009-08-05 at 11:28:32ID: 25026538

This is a known issue by MS. Check this MS article:
http://support.microsoft.com/kb/813550

K

 

by: wilf_thorburnPosted on 2009-08-06 at 04:28:57ID: 25032054

I can ping the server when connected remote via my windows vpn connection.  The server is Server 2008, 64 bit.
I have included the results of ipconfig/all

Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : wt-cg
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : Realtek RTL8168B/8111B Family PCI-E GBE NIC
 
        Physical Address. . . . . . . . . : 00-1C-C0-A6-CD-8A
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.12.9
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.12.254
 
        DHCP Server . . . . . . . . . . . : 192.168.12.254
 
        DNS Servers . . . . . . . . . . . : 192.168.12.254
 
        Lease Obtained. . . . . . . . . . : August 6, 2009 4:53:01 AM
 
        Lease Expires . . . . . . . . . . : August 13, 2009 4:53:01 AM
 
 
 
PPP adapter TOA2:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
 
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
 
        Dhcp Enabled. . . . . . . . . . . : No
 
        IP Address. . . . . . . . . . . . : 192.168.99.41
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
 
        Default Gateway . . . . . . . . . : 192.168.99.41
 
        DNS Servers . . . . . . . . . . . : 192.168.99.250
 
                                            64.59.176.13
 
        Primary WINS Server . . . . . . . : 192.168.99.1
                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:

Select allOpen in new window

 

by: lnkevinPosted on 2009-08-06 at 06:12:33ID: 25032844

Here is your problem: your server does not have a static IP address. You cannot enable DHCP on your server. Instead, you input the same IP address as a static IP. It should solve your issue.

K

 

by: lnkevinPosted on 2009-08-06 at 06:21:11ID: 25032946

Also, PPP adapter, which connects to your modem should be DHCP enabled. PPP is only used for VPN should not run with any static IP address. You should reverse the setting between your LAN NIC and VPN.

K

 

by: wilf_thorburnPosted on 2009-08-06 at 10:52:39ID: 25036145

The server at the remote location has a static IP of 192.168.99.250 and is the DHCP server for the netwrok.  When I connect to the netwrok, the server [192.168.99.250] assigns me an IP for that network.  The static address that I use to connect to the network is assigned by the ISP, and DHCP on the Watchguard appliance [entry to the remote]etwork is set as assigned the the ISP.  It has a staic 192.168 address also.
From my end when I connect to the remote, my IP on my router and modem are not static.  My router acts as a DHCP server from my location.  Since I can connect to the remote router and some work stations, I need clarity on the server settings.  

 

by: lnkevinPosted on 2009-08-06 at 11:04:35ID: 25036275

I am confused. What is the following IP 192.168.12.9? Is it from your PC?
Can you post server ipconfig?
Also, did you look in this KB? http://support.microsoft.com/kb/813550

K

 

by: wilf_thorburnPosted on 2009-08-06 at 15:23:32ID: 25038670

I looked at the article, but it was for server 2003.  I do not recall configuring an EAP from the server.  Where would I adjust that.
I will need to get access to the server, so will post it asap.
My computer at home is the .9.  The server's static IP is 192.168.99.250 and it sits behind a watchguard security appliance.  I can VPN in and connect to workstations, and can remote desktop from a remote workstation to the server, but this ties up a station and is quite slow.
The server is also the DNS and DHCP server.  I have remote access configured on the server in Active Directory.

 

by: lnkevinPosted on 2009-08-07 at 06:44:57ID: 25042581

It gotta be the security appliance, which drops the connection to your server. Look in the appliance's rules and ensure all ports for RDP (53, 135, 3389) are enabled.

K

 

by: wilf_thorburnPosted on 2009-08-08 at 19:03:50ID: 25052453

I can log on to any work station on the network, just get denied from the server

 

by: lnkevinPosted on 2009-08-09 at 05:25:37ID: 25053943

So the server that you tried to logon TS was a domain controller. Did you try to logon TS with local administrator account of the server?

K

 

by: lnkevinPosted on 2009-08-09 at 05:29:19ID: 25053958

If you logon using authenticated user account, you will not be able to logon to DC by default. You can change this default setting but it is not recommended. Here is how you add user group in your policy:
Start --> Run --> MMC
File --> Add/Remove Snap-in
Add --> Choose Group Policy Object Editor --> Add
Click Browse --> Under the Domains/OUs Tab, open the Domain Controllers Folder --> Select the Default Domain Controllers Policy --> OK
Click Finish
Click Close
Click OK
Expand the Default Domain Controllers Policy
Expand Computer Configuration
Expand Windows Settings
Expand Security Settings
Expand Local Policies
Select User Rights Assignment
On the right hand side locate:  Allow log on through Terminal Services
Double-click on the Policy to edit
Click Add User or Group
Click Browse
Type in the first few charactors of the username or groupname and click Check Names
If the right username or groupname is found hit OK three times
Close the MMC
Go to a DOS prompt on the DC
Type in GPUPDATE /FORCE and hit enter...

K

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...