Solved

Nuvox T1 and RDP

Posted on 2006-07-07
7
602 Views
Last Modified: 2012-06-21
Hi,
I am having difficulty successfully setting up RDP connections to an office with a fractional T1 voice/data line provided by Nuvox Communications. The RDP host is funtional, as it can be accessed across the LAN, but not from outside. I am familiar with the router port forwarding requirements as I have about half a dozen computers on different networks which I set up and use via RDP. On several of them RDP utilizes a non-standard port other than 3389.

This is the only network which uses Nuvox for data/voice communications with the outside world, and I think this is where I am going wrong. The information I am getting from Nuvox regarding public static IP addresses is suspect, as it varies depending on who I am talking to. One rep stated there is only one static public IP available for our use, another that there are 3 available, and in neither case did the IPs match 4 Public IPs I have found assigned to four different machines on the network which host incoming connections. (I am new to this situation, and the person who set this up is no longer with the company).

From what I have read elsewhere, and have been told by Nuvox, unlike static IP addresses from the cable company or the telco, there is some re-direction going on with most of the static IPs. Maybe this is where the problem is? Or maybe it is with the Zytel P310 broadband router, which is set to redirect the RDP port to the local ip but perhaps is not functioning correctly. At this point, I don't even know if the Zytel has the appropriate static WAN IP assigned in it.

Any guidance is much appreciated, I am uncertain exactly where the problem is.

Thanks,
Bill

0
Comment
Question by:westone
  • 4
  • 3
7 Comments
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Perhaps start by connecting to  http://www.whatismyip.com  from the PC to which you are trying to connect.  This will tell you it's true, current, public IP. Verify that this is the IP with which you are trying to connect. If so, check all devices between you and the Internet to see that port forwarding is enabled. Sounds like you may have multiple routers between the PC and the Internet. Each will have to have the appropriate port forwarding configured.
0
 

Author Comment

by:westone
Comment Utility
Thanks RobWill,

The WAN IP (according to www.mywanip.com) is the WAN IP address assigned to the router, and the address used in attempting to connect via RDP to the WIndows 2003 Server. I have tried routing both the default port of 3389 and a non-default port from the router to the server.

NEW INFO:

I was able, with no problem at all, to setup a connection using RealVNC, routing the VNC port to the server. So perhaps I need to be looking at something on the server. The terminal server role is NOT installed, and terminal services is running, same as other Windows 2003 servers I RDP into in other locations.

I also did a tracert to the router and to some external addresses, and found that in each case the route goes directly to the internal IP of the router, then to the external gateway address given us by our ISP, and on from there. There is another router on the network, but it appears to not be playing a role in this situation.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Where you can access the server through other services, and remote desktop works locally, it is very odd. A couple of thoughts:

>>"There is another router on the network, but it appears to not be playing a role in this situation."
The router on which you are configuring port forwarding is the default gateway for the server, I assume?? Actually must be if VNC works.

-At least as a test make sure the Windows (or any other software firewall) is disabled. They have different scopes/rules for local and Internet connections. Also check any virus protection suites than may include a firewall.
-If you haven't done so reboot the router in case a particular protocol is "locked up"

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:westone
Comment Utility
Oh, I was able to RDP locally to another machine (not the server), but then was not able to RDP to that machine from the outside, or to the server. Since then I have been focusing on the server. I will try the other machine again, though.

The router has been re-booted the other day.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
Comment Utility
If you cannot connect to the server from the LAN then have a look at the following "check list" especially #8:

1-try connecting using the IP of the remote computer not the computer name
2-"allow users to connect remotely to this computer" must be enabled
3-you must be a member of the remote desktop users group (administrators are by default)
4-if the workstation is a member of a server 2000/2003 domain you will have one of the 2 following check boxes, depending on the version, on the "Terminal Services Profile" of the users profile in Active Directory. Make sure it is checked appropriately. "Deny the user permission to log on to any terminal server", or "Allow Logon to Terminal Server"
5-if XP SP2 or Server 2003 SP1 the firewall needs to be configured to allow remote connections ( I would disable for now for troubleshooting purposes)
6-make sure any other software firewalls are disabled as well (for test purposes), including Internet security suites. Symantec's sometimes needs to be un-installed or if using Symantec Antivirus some versions have "Internet Worm Protection" which can block Remote Desktop. Try disabling that as well.
7-Verify the Remote Desktop User group has the rights to log on using Terminal Services.  Go to Control Panel | Administrative tools | Local Security Policy | Local Policies | User Rights Assignments ...make sure Remote Desktop Users is included in "allow logon through Terminal Services"  
8-The terminal Services service must be running
If you have access to the remote machine make sure it is "listening" for your connection. To do so at a command line enter (substitute port # if not using default 3389):
  netstat  -an  |find  "3389"
You should get the following result:
TCP   0.0.0.0:3389    0.0.0.0:0    listening
0
 

Author Comment

by:westone
Comment Utility
Thanks for the advice,

I overlooked turning on remote access under system properties! What a simple oversight that has had me lost as to why I couldn't get connected. After that was corrected, policy also needed editing to allow remote users access, so that info was useful.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Thanks Bill, glad it was of some help.
I made the list once as I find it's easy to look-over a little detail some times.
Cheers,
--Rob
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now