Solved

Able to Remote Desktop into Server but unable to access shares

Posted on 2003-11-07
10
5,255 Views
Last Modified: 2008-02-07
I am in WAN that consists of of 38 sites. I just added 4 new windows 2000 Member Servers to 4 different sites. From my computer on my desk i am ABLE to Remote Desktop into the off site server called  "OFFSITESRV1." However, from my desktop on my desk if i go to Start-->Run and enter \\OFFSITESRV1  I receive an error stating "Network Path not Found". So i taught maybe this was a name resolution error so next i tried the static IP address of the server \\10.1.0.92 and I received the same error, "Network Path not Found". Keep in mind that i am able to Remote Desktop from my desk computer into OFFSITESRV1 using both the Netbios Name and the IP address, meaning that an actual connection exist. I am unable to ping becuase the Ping port has been closed due to security reasons. I know that  \\OFFSITESRV1 works because people that are located in the same building as OFFSITESRV1 can print and access shares from that server. Now something else that is rather interesting is that if i go to OFFSITESRV1 and i go to Start-->Run and type in \\mydesktop i am able to acccess shares located on Desk Computers. My question is why am i able to Remote Desktop server into OFFSITESRV1 but unable to access thru \\OFFSITESRV1 or \\10.1.0.92? By the way i am Domain Administrator so it is not a rights issue.
0
Comment
Question by:gbarrientos
  • 2
  • 2
  • 2
  • +4
10 Comments
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Remote Desktop uses Remote Desktop Protocol (RDP) 'typically' on port 3389 (which is probably not closed down on your network).  But, as you said the ping port is...
One option is to try via FTP (if you have it installed on OFFSITESRV1) to access your shares, or vpn.
Otherwise, allow access through the appropriate port(s) for network access:
 (Port listings: http://www.iana.org/assignments/port-numbers)
0
 
LVL 9

Expert Comment

by:svenkarlsen
Comment Utility
I think we should focus on the "Network Path not Found".  My guess would be that the engineer who configured the router at OFFSITESRV01 has closed/not opened an essential port for incoming traffic, or there's a small flaw in a security policy somewhere.

But guessing is never good enough, so here's the interview (shotgun style ;-):

1. Is OFFSITE 1 the only problematic site, or does the problem apply to all 4 sites ?
1. Do you use different IP subnets for each off-site?
2. Do you use VPN-tunnels?
3. If so: are the VPN-tunnels Win2000-based, or other (Cisco?) ?
4. "Remote Desktop", - do you mean administrative Terminal Services ?
5. Do you run Win2000 DNS and does it have the WINS through DNS resolution enabled ?
6. is it possible to "Start-->Run -->  \\OFFSITESRV1" from any box on your central subnet (neighbours to your wks) ?

Kind regards,
Sven
0
 
LVL 13

Expert Comment

by:rhinoceros
Comment Utility
It is very different. On "Remote Desktop" it mean offer the remote service to you if you have the username & password. But "\\OFFSITESRV1 or \\10.1.0.92" The server will not share the resources directly to the internet. If true, do you think it is many dangerous, right ? (It is involve the routing & network configuration)

On the other hand, normally you can do it on local building. I believe you are success to go into the your own LAN. (Supposed you login to the your local domain & access all domain resources, and assign the local IP from DHCP.. e.g. 192.168.0.1 ... etc.) So why can do it on your building only.

If you want to solve it. You should build up the VPN-tunnels (with encrypt security) from Win2000 server side. And create the VPN Dialup from your Desktop. Therefore you are able to directly dialup to go into the domain through internet, then you should do it as you want.

I hope it can help.
0
 
LVL 9

Author Comment

by:gbarrientos
Comment Utility
Okay here are some of the answers to the questions above.  OFFSITESRV1 not the only problematic server. Out of the 4 servers i am only able to reach OFFSITESRV2 by using Start-->Run -->  \\OFFSITESRV2. OFFSITESRV2 is not located on the same site as OFFSITESRV1.  Each site does have a different subnet, there are 5 v-lans, both my computer on my desk and servers sit on the same v-lan.  No we do not use vpn tunnelling. Yes by Remote Desktop i do mean Administrative Terminal Services (sorry for any conffusion Remote Desktop is the name WinXp Pro uses.) I also tried accessing \\OFFSITESRV1 from the Domain Controller and other workstations located on the same V-LAN and the same problem occurs I Administer the server thru Terminal Services but i cant reach it using \\name-of-server or \\IP-Address. Keep in mind that name resolution is not a problem, as the problem occurs even when using the IP address of the sever. All sites are linked together via Duel T1 WAN-Links. Flawed security policies on the routers dont seem to be the problem because if that was so i wouldnt be able to Terminal Service into the server in the first place. Also remember that the server is able to access a share on my computer meaning that communication is allowed.
0
 
LVL 9

Accepted Solution

by:
svenkarlsen earned 500 total points
Comment Utility
The fact that you're able to open a Remote Desktop Session only shows that one or some ports are open, - not that the required ports for RPC, etc. is available (and a remote session is special security policy-wise: it is actually considered similar to a local access). A remote desktop session isn't much more advanced than a telnet session, - no domain security rearding the network connection.

That the server is able to use shares on your computer does not tell us anything but the fact that traffic initiated at the remote site will be accepted. If the remote routers does not allow incoming traffic on the relevant ports, you will not get in.

My best bet is still on the remote routers, - routers at your end would not normally have ny restrictions on any connection that you initiate and the same applies to the remote site: any connection initiated from their end will also normally be allowed to go out through their router. (by 'normally' I mean the default policy of a router/firewall).


I forgot to ask: what info did you find in your logs for the failed connection attempts?

Unless anyone have an inspired moment and comes up with a ready solution, I believe we shall have to test the required routes. A quick way would be: open a remote session to the \\OFFSITESRV1 and access the router/firewall at that end from there (what make of router/firewall do you use ?). Get a copy of the configuration and check that incoming traffic from your HQ is fully allowed ( or remove sensitive addresses from the file and post it here, - we'll try to help as much as we can).

Kind regards,
Sven



I still think we need to investigate TCP/IP access on router level from your office to OFFSITEs.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 1

Expert Comment

by:parturi
Comment Utility
I did get the same problem as you, don't know why but, when I tried to map a network drive I did get the same error, all the time I right click on "My Network Places" and then typed \\x.x.x.x\$C, I was prompted for usr and pwd and then I got connected. Some times, when I do the same I got "path not found", but if I enter user name and password in "Connect using a different user name" before I can connect.

0
 
LVL 11

Expert Comment

by:Quetzal
Comment Utility
RDP access uses port 3389.  Netbios access (to be able to use \\OFFSITESRV1) uses port 139.  Having RDP access does not guarantee netbios access.  Unless your desktop and OFFSITESRV1 are on the same network (and it sounds like they are not), then there are routers that lie between your desktop and OFFSITESRV1.  These routers are currently configured in a way that don't permit netbios access.  There are ways to fix this, but we would need to know more about your network topology (per Sven).
0
 
LVL 9

Author Comment

by:gbarrientos
Comment Utility
Great i took a look at the configuration inside the Cisco router and found an access list that was blocking some inconming traffic. Which now raises a security issue. Because of the fact that all configurations on all the routers are pretty much copied and pasted the only difference is the IP address and helper address made me think that access list wouldnt be a problem. But i stayed up all last night and compared configurations for some reason ports were being blocked for no reason. Thanks alot guys.
0
 

Expert Comment

by:nrpb
Comment Utility
I have a windows 2003 server for small business, but my problem is, from my server i'm unable to access other computers on my workgroup, the error i get is "Network Path NOt Found". But sometimes i'll be able to access other computers.  What will be the problem and can anybody provide possible solutions.
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
nrpb - this thread has been closed for a long time.
Your best bet is to post a new question and assign points to it to attract experts to helping you...
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now