[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Port 3389 blocked after Windows Update

Posted on 2006-05-03
15
Medium Priority
?
1,494 Views
Last Modified: 2008-01-16
I am running Windows 2003 server with a public IP.  After performing the most recent Windows update and rebooting I am no longer able to RDP to it either via the internal or external IPs.  I can't Telnet to it either.  (Error:  "Could not open connection to the remote host on port 3389:  Connect Failed")  I can Telnet on port 25.  This is a Windows 2003 Server running Exchange.  I have another Win2k3 server connected physically the exact same way and I am able to RDP to it.   I haven't run the updates b/c I'm now afraid to.  I have checked canyouseeme.org and it says that port 3389 is blocked.  It hasn't been blocked in the past.  I was using it to run the Windows updates that caused me to lose connectivity.  I don't see anywhere obvious that the port is blocked.  It is not blocked on my firewall b/c the other devices are still accessible.  It isn't blocked in the TCP/IP properties.  What else can I check?

Thanks!
0
Comment
Question by:ddalrymple
  • 7
  • 4
  • 4
15 Comments
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 750 total points
ID: 16593965
If you right-click the My Computer icon and select properties - remote, does it still show remote desktop still enabled?
0
 

Author Comment

by:ddalrymple
ID: 16596502
Oh yes, it does.  I forgot to add that.  It specifically says the port is blocked.  
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16596884
Just in case you haven't looked into it:
What updates? SP1? If so are you aware it adds a firewall? You mentioned "It is not blocked on my firewall b/c the other devices are still accessible." were you referring to the Windows Firewall in Control Panel ?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 

Author Comment

by:ddalrymple
ID: 16597060
Yes, I checked the Windows firewall as well but it is disabled.  The updates were KB912812, 908981, 911567, 911562 and 908531.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16597493
None of those updates look suspicious after reading outlines.
0
 

Author Comment

by:ddalrymple
ID: 16597563
I agree that none of them look like the culprit.  Could be a coincidence that that reboot is when the problem occured.  However, I was remotely connected when I did the updates and I couldn't connect remotely after the reboot.  That is why I was asking for ideas of other places/methods to check what might be blocking the port.  It's clearly blocked just on that machine.  This is my main way to administer this machine since I am almost never within physical proximity so I really need it resolved.  Thanks!
0
 
LVL 78

Accepted Solution

by:
Rob Williams earned 750 total points
ID: 16597611
Though you are actually getting a message the port is blocked verify the service running/listening, perhaps it didn't restart.
On the server at a command line enter (substitute port # if not using default 3389):
  netstat  -an  |find  "3389"
You should get the following result:
TCP   0.0.0.0:3389    0.0.0.0:0    listening
If not go to Start  | Run | services.msc and see if Terminal Services is started and set to automatic
0
 

Author Comment

by:ddalrymple
ID: 16602853
When I try that command it just returns me to the command prompt with no errors or confirmations.  However, the Terminal Services service is started.  

Any other thoughts?
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16605004
It won't work if it is not listening. Just to double check try simply
  netstat -an
This will list all open or listening ports. Manually go through the list. Should see under local address  0.0.0.0:3389 unless you have used the registry hack to manually change the port remote desktop uses. If it is there but not shown as "listening" perhaps it thinks it is in use. If it is not there at all we will have to look further.
Make sure it is enabled under My computer | Properties | Remote | Allow users to remotely connect to this computer - just in case somehow it got switched off.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16607773
That was my first question Rob (hi by the way). Something doesn't quite seem to ring right here does it.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16607827
Ah, yes Keith, sorry I missed that on last reading. See it took me 10 steps to get that far. I must be getting old and slow. <G> Take care.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16607912
Hardly. Mr Whizz lol
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16607976
:-) Tks
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16612325
Thank you :)
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16613908
Thanks ddalrymple. Was it somehow switched off during the update process?
--Rob
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question