[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 633
  • Last Modified:

"Client could not connect" error when trying to use RWW to SBS/client machines

Hi all,

I get the error "Client could not connect to the remote computer. Remote control might not be enabled or the computer may be too busy to accept new connections" after using http://public IP/remote (I haven't set up an A record for servername/domain/remote yet) and authenticating into RWW. I see all the menu options etc.

The error appears when trying to access the SBS server or client computers. Client computers have been added via http:/connectcomputer/ or whatever the link is.

Jeff if you see this it's a different setup to http://www.experts-exchange.com/Operating_Systems/SBS_Small_Business_Server/Q_21879018.html.

Its a single NIC setup with 443, 4125, 3389 all fwded to the SBS server. There is no ISA involved.

Internally the RWW works fine - I can enter the http://servername/remote and I can connect to either SBS server or workstation with no dramas.

Anyone got any ideas?
0
gorlaz
Asked:
gorlaz
  • 8
  • 5
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Are you SURE you have port 4125 open?  If it is, then please post an IPCONFIG /ALL from both the server and a sample workstation.

Jeff
TechSoEasy
0
 
gorlazAuthor Commented:
Server;

Windows IP Configuration

   Host Name . . . . . . . . . . . . : sh1
   Primary Dns Suffix  . . . . . . . : Sportshound.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : Sportshound.local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel 8255x-based PCI Ethernet Adapter (1
0/100)
   Physical Address. . . . . . . . . : 00-B0-D0-3E-91-68
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.2
   Primary WINS Server . . . . . . . : 192.168.1.2

Workstation;

Windows IP Configuration

   Host Name . . . . . . . . . . . . : beast
   Primary Dns Suffix  . . . . . . . : Sportshound.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Sportshound.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-01-6C-E3-FB-4F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.15
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.2
   Lease Obtained. . . . . . . . . . : Saturday, 17 June 2006 8:27:39 AM
   Lease Expires . . . . . . . . . . : Tuesday, 20 June 2006 8:27:39 AM

Fairly sure 4125 is being forwarded - router says TCP 4125 to 192.168.1.2. Does UDP need to be forwarded? Is there any way I can test this to confirm?

Extra info I missed previously - the router at 192.168.1.1 is the DHCP server also, not the SBS server.

Workstation is a DHCP client, but has a manual entry to the SBS server for DNS. SBS server has DNS forwarders to the ISP's DNS servers. Both SBS and workstation can access the internet. Could this be causing the issue?

The IECW setup log has no errors on it and the iecw html file states RWW is to be installed.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Why do you not have DHCP running on the SBS?  There is more to DHCP than assigning IP addresses... because your workstation is missing it's WINS entry.... which should also be 192.168.1.2.  Ideally you want DHCP running on the SBS though.

Jeff
TechSoEasy
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
P. S.  The way to test if 4125 is open correctly?  The quickest way is to use RWW from outside the LAN, and log in as an administrator.  Then select Connect to Server Desktops and see if you can connect to the SBS's desktop.

Jeff
TechSoEasy
0
 
gorlazAuthor Commented:
Hm... I've done a GRC scan and it its saying that 4125 is closed, but SMTP, POP and SSL ports are all found ok. Method of forwarding for all of them was the same.

Sounds like a peculiarity on the router (Draytek 2900G), will check with their tech support to find out what the go is.

Any chance an ISP would block that port?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If you manually configured it you might want to just let the SBS do it since there may be more than one setting on the router.  Just enable UPnP on the router and rerun the CEICW to configure.

Jeff
TechSoEasy
0
 
gorlazAuthor Commented:
Ok, I've deleted all custom port fwding and enabled UPnP and rerun the wizard.

I get an error stating that an error occurred configuring firewall and to rerun the setup.

Which I did and it promptly did the same thing again.

Another check on GRC showed that it had configured 80, 443, 3389 but not 25, 110 or 4125, all other ports were closed which is good.

I've manually opened these first three back up again. Email is working fine.

UPnP is still enabled on the router; I can still get into RWW internally and connect to the server with no dramas; I can still get into RWW remotely but not connect to anything. I still get "Client could not connect" error.
0
 
gorlazAuthor Commented:
From ICW log - only picked out error lines for today;

Error 0x1 returned from call to RegisterMSBOExchangeBP().
Error 0x80004005 returned from call to GetServiceConfigURL for WANPPPConnection().

***Interesting bit I've left in from further down the log...***
DeleteAllPortMappings 0
AddUpnpPortMapping with TCP 25 returned 0
AddUpnpPortMapping with TCP 1723 returned 0
AddUpnpPortMapping with TCP 3389 returned 0
AddUpnpPortMapping with TCP 21 returned 0
AddUpnpPortMapping with TCP 80 returned 0
AddUpnpPortMapping with TCP 443 returned 0
Call to CreateUpnpPortMappings () returned ok.
AddUpnpPortMapping with TCP 4125 returned 0
AddUpnpPortMapping with TCP 444 returned 0x80004005
Error 0x80004005 returned from call to CreateUpnpPortMappings().
Signaling upnp config failure
Error 0x80004005 returned from call to CRFireCommit::Commit().

As mentioned before - email and internet are still functioning ok, so maybe we can put the first 2 errors into the not-so-important basket for teh moment, the CreateUpnp error can probably also go that way; no it didn't work correctly but I've manually adjusted them so its ok (I think).

Last error I've got no clue,
0
 
gorlazAuthor Commented:
K, a bit more info on the port 4125 thing;

Found this blog post - http://blogs.msdn.com/matthuynh/archive/2004/03/03/83580.aspx and have dl'd and followed the instructions.

Nothing was already running on 4125.

When running the Winsock tool I got the following;

Winsock:      Listening
Winsock:      Accepting TCP connection from 10.0.0.2:port to 0.0.0.0:4125   ****10.0.0.2:port is the address of the machine that I connected from and its local address****
Winsock Error:      10053
* Description:      Connection is aborted due to timeout or other failure
* Scode:      0x800A2745
Winsock:      Closed

I'll do some searching on the error codes now.

This seems like a very strange sort of issue - does it occur often?
0
 
gorlazAuthor Commented:
More info;

On entering; 'Telnet MYExternalIP 4125' on the external machine I got no reply.

I specifically opened telnet on 23 for a sec and tried to connect to 'telnet MYExternalIP 25' and didn't get a reply. Isn't that a tad strange. I've verified that I can send mail in to the Exchange
0
 
gorlazAuthor Commented:
Ok, this is incredibly embarrassing.

My test environment for this was the network at my work which of course has ISA installed - the KB article that Matt Huynh referenced; http://support.microsoft.com/?id=828053 talks about checking ISA on BOTH ends of the connection (Scenario 2 in the KB article)

Of course it turns out that my work is blocking outgoing RDP connections and hence why this won't work!

I tested from a completely standalone machine via dialup and lo and behold it works fine.

Jeff - Thank you very much for your help on this; you really are a guru at SBS - unfortunately you can't help stupidity which is what I've been embodying!!

On the plus side - Yay!!! It works!!
0
 
gorlazAuthor Commented:
PS - Reason SBS isn't doing DHCP is because its my home network which has other machines on it that can't become domain members and I don't want to have to change DNS entries on it.

The server is an old Dell 2400 that makes too much noise to have on permanently in my small unit.

Wins isn't an issue as I don't use any Hosts files. There's another reason as well but it eludes me for the moment
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, it always helps to get "the rest of the story!"  :-)  Glad you figured it out... and it definitely looks as though you were following all the right paths to get to the answer!  Congrats.

As for DHCP on your home network...if you really want to learn about SBS and are using one at home to do so (a great idea, btw), you should set it up in the same manner you would a client's.  You don't have to join your other computers to the domain if SBS is running DHCP... they'll still get their IP address, and they'll just go through SBS's DNS unless you provide alternate DNS IPs (which you wouldn't want to do on a domain workstation, but in this case it makes no difference).

Jeff
TechSoEasy
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 8
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now