• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 663
  • Last Modified:

Cannot RDP to SBS 2K Server running ISA in Adminstration mode

I have an SBS 2K server with ISA running; it is running TS in adminstration mode so that I can administer it remotely.  Usually this all works fine, but occasionally (such as now), I am suddenly unable to make and RDP connection.  I get the following:

Remote Desktop Disconnected.  The client could not connect to the remote computer. Remote connections might not be enabled or the computer might be too busy to accept new connections. It is also possible that network problems are preventing your connection. Please try connecting again later. If the problem continues to occur, contact your administrator.

Now I am unable to make an RDP connection to this server from either the external or internal interface.

This was working fine until this morning when I installed the lastest security patches (from windowsupdate).  When I rebooted, I was no longer able to RDP.  I've installed these same patches on a different SBS 2K server that has ISA disabled and I have no problem with making connections.  I am suspecting an ISA issue but am not sure what to do.
0
Quetzal
Asked:
Quetzal
1 Solution
 
PaulADavisCommented:
remove the patches and see what happens with ts... if it works after you remove the patches then you will know what the problem is. you can readd the patches one by one, testing ts after each one to see which is causing the problem. check up on the patches to see what they do and any known issues.

did you verify that ts was running or restarted on the server? how is connectivity to the server? can you ping, or otherwise make some sort of network connection to the server?

just curious, is everything else working fine in the server?
0
 
jonpaulrCommented:
Also, make sure that your TS license has not expired. You'll get a similar message if they were temporary licenses and the 30 day period is up.
0
Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

 
QuetzalAuthor Commented:
Paul, in all other respects everything is normal on this server.  I don't think that the patches are at fault (see next post).  I can ping to this server from external and internal interfaces.  I have a TS server (in user mode) connected to the inside interface of this server and can get to/from it just fine (except for an RDP connection to this server).  Nothing in the event log appears unusual and all services are running.

stafi, that article does not pertain to Win 2K.

jonpaul, I don't need a TS license to run in administration mode, do I?  But I also only connect from Win2K and WinXP clients.
0
 
QuetzalAuthor Commented:
Here is a workaround I did.  I don't know why it worked, which means that it probably masked something else.  But maybe someone smarter than me can figure it out.

First, I thought that ISA might be the culprit.  Stopped and started the firewall (with no other changes)...same problem.  Enabled an "any protocol" protocol rule and an "any protocol" packet filter rule, stopped/restarted the firewall...same problem.  So I disabled the "any" rules and stopped/restarted the firewall to return to the starting state...still same problem.

On the SBS server, I have 2 dual-port nics (don't ask why, I just do); one nic is dedicated to the ouside interface with one port enabled and the orther disabled.  The other nic is is dedicated to the inside interface with one port enabled and the other disabled.  The inside nic is connected directly to the outside nic of the Terminal Services server used by my users (it is running in user mode and running Citrix); the TS server is a firewall client.  On the SBS server, I had one TS connection configured to listen on all interfaces.  

So, on the SBS server, I opened the TS Configiruation Manager.  I set the connection to listen only on the active inside interface...lo and behold, I could rdp from the inside interface.  Then I set the connection to listen only on the active outside interface...lo and behold, I could rdp from the ouside interface.  So, then I set the connection to listen on all interfaces again (the original state)....and I could rdp from both interfaces again.   Why did this work?  What caused it to listen again?

I decided that there might be an issue related to having TS listen on all interfaces when two them were disabled.  So I deleted the old TS connection and created 2 new connections, one listening on the active outside interface and the other listening on the active inside interface.  I don't know if this was required to fix my problem and probably won't know until I've rebooted a few times to see that the problem does not recur.

Anyone have any theories or (better) actual knowledge to explain what I observed?
0
 
QuetzalAuthor Commented:
My workaround seems to have solved my issue.  If no objections in 72 hr, I am gonig to close this question with no points awarded.
0
 
moduloCommented:
Closed, 500 points refunded.

modulo
Community Support Moderator
Experts Exchange
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now