elmbrook

A connection was abortively closed after one of the peers sent a RST Segment.

Hi,

I'm trying to remote into our Windows 2003 Standard edition server and can't get in.  Have set up RealVNC and Remote Desktop Connection on identical servers in the past which have been running ISA04 on the same server with no problems.

But this one installation is causing me all sorts of problems.  Can't remote in using any remote software so far.  The correct ports are open for both RealVNC and remote desktop and if I watch the monitoring in ISA 04 logs I can see the following:

Protocol: RDP (Terminal Services)
Action: Initiated
Rule: RDP Server
Result Code: 0x0

Then after that it gets:
Protocol: RDP (Terminal Services)
Action: Closed
Rule: RDP Server
Result Code: 0x80074e21 FWX_E_ABORTIVE_SHUTDOWN

Status: A connection was abortively closed after one of the peers sent a RST Segment.

I'm stuck, I've checked the services to make sure all the Terminal Services and RDP services are running and they are.  The rules are identical to ones set up on another server.

Any ideas what the RST Segment error is about?

Keith Alabaster

There was a similar problem in another forum I am a member of...  I also recommended the same article but would like to highlight one suggestion for the error.  Are the RDP services enabled and started?  If not, do this and retry your connection.
elmbrook

ASKER

The rdp service in Control Panel | Administrative tools | Services is started.

That article describes my exact problem, but I'm still no closer to figuring out why I'm getting the error.  Checked all the services.  Made sure in ISA System Policy it allows remote management.

Also double checked the Remote Desktop is enabled in System 'Remote' tab and that my User is allowed access.

RDP is only needed in the System Policy if you are trying to rdp onto ISA itself.

I assume you have the service packs installed for ISA?
Can you confirm the contents of the Local Address Table are correct?
configuration - networks - internal - properties - addresses?

How have you actually published the RDP service?
As an aside, can you rdp to the user from inside the network successfully?

No, can't remote in locally either.

Running ISA04 SP2.

Yes the RDP is published in firewall rules.  Just copied the same rules I used on the other working server.

Local LAN connection IP Details

IP Address: 192.168.0.1
Subnet Mask: 255.255.255.0

I've just noticed this error in the system event log, which seems to get logged when I try to log in using Remote Desktop Connection.  Maybe this is the clue to solve this.  I just recently brought a Vista laptop and set up my user on it before I moved to Canada.

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5722
Date:            6/07/2007
Time:            9:17:44 a.m.
User:            N/A
Computer:      HILLCREST1
Description:
The session setup from the computer TRISTAN-PC failed to authenticate. The name(s) of the account(s) referenced in the security database is TRISTAN-PC$.  The following error occurred:
Access is denied.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 22 00 00 c0               "..À    



Actually though, I can't remote in using the Administrator account either and it doesn't log any errors.  So might not be the problem?

OK - so it's likely not an ISA issue if you cannot connect internally either.

Are you getting the RDP login prompt?

Yes, I enter in my domain\username and password and hit connect.
Then it just gives the message saying:

"This computer can't connect to the remote computer.
Try connecting again.  If the problem continues, contact the owner of the remote computer or your network administrator."

My AD properties for the 'remote control' tab has:
'Enable remote control' turned on
'Require user's permission' is turned on

In the 'Members Of' tab I have:
'Remote Desktop'
'Administrator'
'Domain Users'



OK - I have had this issue only once before and it was on one server of the domain only. It required a simple registry change to fix it and I am searching for that now. As I recall, I had to change only one value and found it off Google of all places.

Hopefully it won't take long to find as it's now 11PM....
Still can't find it ....

I'm still no closer to finding a solution either! :(
Was running out of ideas and not finding any error messages to go by until
I read on a MS newsgroup about trying the "Port query" tool.  So I
downloaded that and got it to query port 3389 on the IP address of the box
and it returned some clues:

"querying...

TCP port 3389 (ms-wbt-server service): NOT LISTENING
portqry.exe -n www.mydomaintest.nz -e 3389 -p TCP exits with return code
0x00000001."

Says it is not listening? and returns 0x00000001 which I presume is an error
code.

On the box I'm running ISA Server 2004 SP2 and have rules to allow RDP
access (Copied them from my SBS03 rules which work).

Is this telling me that my firewall rule is blocking 3389? or that my web server is not listening?

Where to from here?

ASKER CERTIFIED SOLUTION
Keith Alabaster

This solution is only available to members.

I can't see 3389 listed in the results.  

When I put monitoring on the ISA rule for the RDP it shows the traffic hitting the rule and then displays this still:


Protocol: RDP (Terminal Services)
Action: Initiated
Rule: RDP Server
Result Code: 0x0

Then after that it gets:
Protocol: RDP (Terminal Services)
Action: Closed
Rule: RDP Server
Result Code: 0x80074e21 FWX_E_ABORTIVE_SHUTDOWN

Status: A connection was abortively closed after one of the peers sent a RST Segment

So is this preventing the port from opening? or is it just not open and that is causing this error?
It's working...  grr, I restarted the "Remote Access Connection Manager" service and now the port is showing in the netstat query and everything is working.

Go figure!  I've restarted the server before, but maybe one of the changes in the past week fixed it, but just needed a service restart to take effect.

So happy it's working.  Thanks for your help on this one.

Thanks and well done! - not seen it require a service restart for that before
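
An added illustration, not part of the thread: a Python probe that separates the cases the asker was trying to tell apart, namely nothing listening on the port (the SYN is answered with an RST), traffic dropped on the path, and a session that is accepted and then reset. "NOT LISTENING" matches the port query output quoted above; `probe_tcp`, `demo`, the other state names and the loopback targets are constructed for this example.

```python
import socket
import struct
import threading

def probe_tcp(host, port, timeout=2.0, settle=0.5):
    """Classify a TCP port by how the peer answers the connection attempt."""
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "NOT LISTENING"            # SYN answered with RST: no listener
    except (socket.timeout, TimeoutError):
        return "FILTERED"                 # SYN never answered: dropped en route
    # Handshake done. RDP servers wait for the client to speak first, so
    # silence is healthy here; an RST means the peer aborted the session.
    with s:
        s.settimeout(settle)
        try:
            data = s.recv(1)
        except (socket.timeout, TimeoutError):
            return "LISTENING"
        except ConnectionResetError:
            return "RESET AFTER CONNECT"
    return "LISTENING" if data else "CLOSED AFTER CONNECT"

def _listener():
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))            # constructed loopback target
    srv.listen(1)
    return srv, srv.getsockname()[1]

def demo():
    quiet, quiet_port = _listener()       # accepts, then stays silent
    gone, gone_port = _listener()
    gone.close()                          # port released: nothing listening
    rst, rst_port = _listener()
    def abort():                          # accept, then close with an RST
        conn, _ = rst.accept()
        linger = struct.pack("ii", 1, 0)  # POSIX struct linger: on, 0 seconds
        conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, linger)
        conn.close()
    threading.Thread(target=abort, daemon=True).start()
    ports = {"quiet": quiet_port, "gone": gone_port, "rst": rst_port}
    out = {name: probe_tcp("127.0.0.1", p) for name, p in ports.items()}
    quiet.close()
    rst.close()
    return out

if __name__ == "__main__":
    print(demo())
```

Run against the server's own address from inside the network first: a "NOT LISTENING" result there points at the service on the box rather than at the firewall rule.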