Solved

Setup Remote Desktop

Posted on 2004-09-27
27
1,896 Views
Last Modified: 2012-06-27
i'm trying to setup remote desktop but keep getting 'Client could not connect to the remote computer' error.

internally on my network i can connect to the machine ok by typing in its ip address.

I'm having problems connecting to it over the internet.

The machine is behind a dynalink router, i've setup a virtual server to forward tcp packets on port 3389 to the ip address of my machine. Should i be forwarding udp or any other protocols or ports ?
0
Comment
Question by:mpdalton
  • 11
  • 10
  • 6
27 Comments
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12165299
This article describes how to change the port that Remote Desktop listens on.  Also shows Registry keys and info...
Note The Remote Desktop Connection Client for the Mac supports only port 3389. 3389 is the default port.
http://support.microsoft.com/default.aspx?scid=kb;en-us;306759&Product=winxp

Remote Desktop Connection does not permit loopback connections to ports that it is not listening on
By default, the client uses the port number that is specified in the following registry key:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/TerminalServer/WinStations/Rdp-tcp/portnumber

http://support.microsoft.com/default.aspx?scid=kb;en-us;817293&Product=winxp

Here's another open question with Remote Desktop questions that may add insight as well.
http://www.experts-exchange.com/Operating_Systems/WinXP/Q_21146650.html
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12165315
Which version of XP?  Some overviews and links follow

How to Use the Remote Desktop Feature of Windows XP Professional
 (315328) - This article describes how to configure the remote desktop feature in Windows XP. This feature allows remote control of your Windows XP Professional-based computer from another computer running Windows XP Professional or an earlier version of Windows.
 
 HOW TO: Connect to Terminal Services with Color Resolution That Is Greater Than 256 in Windows XP
 (278502) - This step-by-step article shows you how to connect to Windows XP Terminal Services using a video resolution greater than 256-color. When you connect to a Microsoft Windows XP computer by using the Windows XP Remote Desktop Connection client, you can...
 
 You May Be Unable to Connect to Terminal Services Computer When Its Language Is Different from the Client
 (302904) - When you attempt to connect to a computer by using Remote Desktop Connection, you may receive the following message: Remote Desktop Disconnected The specified remote computer could not be found. Verify that you have typed the computer name or IP...
 
 Remote Desktop Connection software may cause an access violation if FilterQueueType is set
 (329756) - The Terminal Services Advanced Client software (or Microsoft Internet Explorer if it is hosting the Terminal Services Advanced Client ActiveX control) may experience a general protection fault if you have set the registry key to 7 as described in the...

http://support.microsoft.com/default.aspx?scid=kb;en-us;315328&Product=winxp
----
MS01-052: Clients with an Expired Temporary License May Be Unable to Connect to Terminal Services
 (315404) - New Terminal Server clients, Terminal Services clients, or Remote Desktop Connection clients may connect to Terminal Services correctly, but some existing clients that could previously connect may be unable to connect. If an existing client cannot...
 
 Cannot Reconnect to Remote Desktop After a Disconnection During Windows XP Service Pack 1 Installation
 (328930) - You may experience a problem when you try to install Windows XP Service Pack 1 (SP1) on a remote computer by using the Remote Desktop feature. If you are disconnected from the remote computer during the installation, you may be unable to reconnect to...

---

Description of the Remote Assistance Connection Process
http://support.microsoft.com/default.aspx?scid=kb;en-us;300692&Product=winxp
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12165333
No, It only requires TCP 3389.
Make sure that you don't have a software firewall (i.e. ZoneAlarm) blocking as well.  Also, I've experienced problems with Remote Desktop not working until I removed McAfee.  

It sounds like you have a static IP configured for the computer behind router.  Typically you have port forwarding enabled for the computer and port.  Example:  Port Forwarding
Static IP 192.168.1.3 Port TCP 3389.  Hope this helps.
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12165469
i'm running xp pro sp2

i've tried turning off zone alarm and the windows firewall but i don't think these are causing problems since i can connect internally.

i'm guessing it's the way the router is redirecting traffic.

here is what i've seutp in the virtual server on the router:

External Packet
PVC Name: ppp-0
Protocol: TCP  
Port: 3087 (User Define)
IP Address: 192.168.1.7

Internal Host
Port: 3087

0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12165544
Out of curiosity, what made you decide to use 3087 instead of 3389?
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12165605
sorry, i copied the wrong line, one of the other machines here is using 3087 for something.

i'm definately using 3389.

my ip is 192.168.1.6 not .7 as listed above.
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12166075
Could you post your IPCONFIG /all?  Also, the model of your Dnyalink router.  

On the connecting computer, I would also disable any firewalls temporarily and test again.  Or maybe even a different computer.  The assumption may be that it's the computer behind the firewall that's the problem, but let's make sure.
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12166128
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\TDS>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : desktop
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139/810X Family PCI Fast
 Ethernet NIC
        Physical Address. . . . . . . . . : 00-E0-18-57-A3-89
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.6
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 203.97.78.43
                                            203.97.78.44

i'll get back to you with the router info soon.
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12166144
So far so good...
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12166184
i've got this info on the router by typing its ip address into my browser.

[ Device Information ]  

Hardware Board CPU : Helium 210-80
DSL : Globespan Slade Annex A (T79.4.9)
Firmware Version 5.1.0.7 (30 May 2003)
CPE-end Interface 10/100 Mb auto-sensing Ethernet
12 Mb USB v1.1


i've got to take a chair or ladder down to the other end of the building as it's up too high for me to see the model ... more info soon.
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12166364
A few other things to mention.  I'm assuming that the computer isn't going into standby or hibernation.  As I recall only one connection via remote desktop is permitted - no one can be logged in to the computer that you're trying connecting to.  Also, you might want to try configuring computer with WAN address and bypass router and see if you can connect.  This will tell you definitively whether it is a router or router configuration issue...  
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12166369
the router is a dynalink rta220

http://www.dynalink.co.nz/products/rta220.htm

the computer isn't going into standby ... how can i configure a wan address ?
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12166663
Right click 'My network places' and select properties.  Then right click your network adapter and select properties.  Click on Internet Protocol 'TCP/IP' - you may need to scroll down to see this.  Select 'Use the following IP address'.  Then enter your 'static' ip address, subnet mask, gateway, and DNS server(s).  I am assuming that you are using a static ip address assigned to you by your isp.  If you are not, then you would have to know the DHCP address assigned to your computer at any given time to know the correct IP address to use to connect via remote desktop (not recommended).  Type http://192.168.1.1 to access your router, and check to see what your 'Local WAN ip' is.  This is what you need to use when you configure the setting for the remote connection.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 3

Author Comment

by:mpdalton
ID: 12166700
i've already got everything setup as you mentioned above.

i've read a post somewhere else that for this router i may need to save the configuration to the non volotile memory and reset the router before the settings take effect. when i click on virtual servers it's listed tho.

not sure what resetting the router will do to everyone connected at the moment tho ?
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12168816
Not sure which type of Dynalink Router you have, but for one of ours, resetting was key.  This was a good step-by-step guide (PDF form); though you're in excellent hands here and likely don't need this.  The resettings for us was less than 10 seconds.
http://www.dynalink.co.nz/files/pdfs/rtw026_qg.pdf
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12174418
i still haven't had any luck with this.

here's what i've done.

enabled remote desktop on my machine.
setup a static ip address of 192.168.1.6
connected successfully from another machine on the same lan.
configured our dynalink rta220 router to forward port 3389 to my static ip address.
saved the configuration on the router and reset it.
turned off all firewalls (zone alarm & windows firewall)

if i run netstat -a i get (among other things)

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    desktop:3389           desktop:0              LISTENING


an ipconfig /all gives me:

Windows IP Configuration

        Host Name . . . . . . . . . . . . : desktop
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139/810X Family PCI Fast
 Ethernet NIC
        Physical Address. . . . . . . . . : 00-E0-18-57-A3-89
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.6
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1

anyone have any other ideas here ?
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12174744
Have you tried reinstalling ZoneAlarm and then uninstalling it again?  I just encountered another Asker at this site, with similar problems and the initial problems was ZoneAlarm related, but the initial uninstall didn't complete properly going through the reinstall/uninstall process again worked for him.
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12175471
Maybe try setting up another XP pro computer behind the firewall to connect to.  It may just be a registry issue.  Otherwise, perhaps it's just a defective router.  It happens sometimes, like anything else.  Also, possibly an SP2 related issue.  I'll look into it further...
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12213533
i'm still not having any luck. i've tried setting up another machine but the same result, can connect internally, but not for outside the network.

a couple of things i've noticed on the router which i don't know anything about and may be affecting this.

IGMP proxy is disabled
No DMZ host is setup.

could this be causing problems ?
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12213580
"IGMP is used by IP hosts to register their dynamic multicast group membership. It is also used by connected routers to discover these group members." - I never have used it personally.  I can't imagine this being related.

You can try setting up your computer as a DMZ host.  However, be aware that this completely exposes your computer.  You at least need a software firewall to lock down any open ports.  

I've set up Remote Desktop several times before without this kind of trouble, but I'll go try it again right now on my home computers and get back to you in a few minutes with the results.

0
 
LVL 2

Accepted Solution

by:
bleujaegel earned 500 total points
ID: 12213838
OK, I just set it up and here are my findings.  I was getting the same error as you initially, but I shut down ZoneAlarm and logged off Windows and all was good.  You may need to create a rule in your firewall to allow access.  The problem with my version of ZoneAlarm Pro (version 4), is that it didn't have an option to allow only TCP 3389.  It had the basics (HTTP, FTP, etc), but nothing for 3389.  So I enabled 'all' and I had no problems accessing my computer.   You may want to install a firewall that has more flexibility, or use the windows firewall instead.  It has an option for 'Remote Desktop' built in.  Anyway, all you need is TCP 3389 forwarded to your IP, make sure you have a rule for the Windows Firewall to allow access (you might want to remove ZoneAlarm), and make sure on the computer you're trying to connect from that your using the right username/password (I selected 'Save As' to save the profile for future reference, otherwise you have to make sure to re-enter it everytime, a real hassle).  Triple check to make sure 'Remote Desktop' is enabled while your at it.  
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12230701
thanks to everyone for their help, especially bleujaegel.

I still can't get this to work but i suspect this is a problem with my router.

I've given bleujaegel full points as under normal circumstances his answer would have been correct and i'm sure what he has written here will be of assistance to many other people.

thanks again.

0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12230887
Happy you're pleased and hats off to bleujaegel .  
":0) Asta
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12237485
I'm surprised it's not working.  I mentioned removing ZoneAlarm from the computer you are connecting to.  Perhaps remove it from the other one as well temporarily and try again.  If it's not working with the firewalls removed, it probably is the router.  Don't underestimate the stubbornness of these firewalls.  I can't tell you how many times ZoneAlarm has blocked intranet and VPN connectivity.  Good luck.
0
 
LVL 3

Author Comment

by:mpdalton
ID: 12241476
i've managed to get it working now setting up my machine as the dmz host which i think forwards all ports ??

not best solution i know. could it be that remote desktop needs more than one port forwarded, ie TCP 3389 ?
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12241527
I find this very informative on DMZ Host and configuration info.
http://www.microsoft.com/hardware/broadbandnetworking/10_concept_port_fwd.mspx
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 12245205
Good article astaec.  

My Linksys router has a DMZ option that I do not use.  I know for a fact that Remote Desktop only requires TCP 3389, because that was all I had enabled via 'Port Forwarding'.  Check this out:  

http://www.experts-exchange.com/Networking/Q_20604629.html.  

Perhaps open all ports via port forwarding (ports 1-65535) to see if it works (take off DMZ).  Duh, I forgot to mention maybe trying a firmware upgrade on the router.  Check the manufacturer website for any revisions and see if they apply to your particular problem.   Keep me posted.
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Can you find a fax from a vendor you saved a decade ago in seconds? Have you ever cursed your PC under your breath during an audit because you couldn’t find the requested statement or driver history?  If you answered no to the first question or yes …
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now