• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 344
  • Last Modified:

Remote Admin

Hello,

I have a network with 2 windows 2003 servers and 30 windows xp computers, i can remote admin into the servers fine but when i try and remote into one of the windows xp machines it doesnt let me even thought i have Remote Assistance and Remote Desktop turned on the windows xp machine i want to be able to remote into.

Any windows xp machine i turn remote desktop on wont let me connect too it.. all users are connecting on the domain and logging on with there active directory user name and password.

:)
0
slug0r
Asked:
slug0r
  • 10
  • 8
  • 5
  • +2
2 Solutions
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
IS the XP Firewall enabled?
0
 
Fatal_ExceptionSystems EngineerCommented:
Or possibly any other firewalls?  Norton Security?  McAfee?  if so, uninstall them first..
0
 
slug0rAuthor Commented:
No firewalls on the XP Machines.. firewall has been turned off on the machines.
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
Fatal_ExceptionSystems EngineerCommented:
If you are using your Domain Admin credentials, make sure that the Domain Admin is one of the Allowed Users...
0
 
jcdesign4uCommented:
maybe a hardware firewall in the network?
can you ping the xp machines from the servers?
Have you tried to acces the xp machines with the ip adress or the hostname?
0
 
slug0rAuthor Commented:
I cannot ping the xp machine from the server..

I do have a netgear 834g which has a firewall built in..
0
 
Fatal_ExceptionSystems EngineerCommented:
That is a consumer grade router/switch (and AP) from what I see...  make sure you have port 3389 open to the other side of the subnet, pointing to the remote PC that you are trying to access....

FE
0
 
slug0rAuthor Commented:
I Have this point open for the machine i am trying to remote into, still nothing happens.. i dont understand why i cannot ping the computer..
0
 
Steve KnightIT ConsultancyCommented:
How are you trying to get to the workstations, irectly from outside or from inside?  If outside then an easy fix is of course to jump onto the server and remote desktop from there onto the client PC.

If this is from outside connection how do you currently get to the two servers, different ports externally?

If this is internal:

Do you get as far as a login box screen or nothign back
If you do netstat -an on the PC that you can't remote to does it show as 0.0.0.0:3389    LISTENING or similar

0
 
Steve KnightIT ConsultancyCommented:
If you are going from outside to inside as per your last comment (passed with mine) then you won;t be able PING.  The router does not allow ICMP fom outside to inside.  Are you coming in by VPN or just through a port forward / firewall rule?
0
 
slug0rAuthor Commented:
its Internal im trying and yes when i do a netstat -an it shows 0.0.0.0:3389 LISTENING..

I just tried pinging some other windows xp machines and it wont ping internally but i found a windows 2000 machine and i can ping this.. still firewall is not on any of these machines.

Eventually when i can fix the internal settings i will try to setup so i can come in externally directly to my work machine.
0
 
Steve KnightIT ConsultancyCommented:
OK, there MUST be a software firewall or network comms issue between them, we know the port is listening OK and the DG834 is out of the pictue for now then.  I presume the tickbox "Remote Desktop" is turned on not just "Remote assistance"

Give us an IP, gateway and subnet mask off two machines that can't PING each other.
Are you sure they don't have Norton installed or other software firewall if the XP one is turned off?

Steve
0
 
slug0rAuthor Commented:
Ok the server cannot see this machine:-

Windows XP:-
IP:- 89.0.0.59
SUBNET:- 255.0.0.0
GATEWAY:- 89.1.1.138    (DG834G)

The Windows 2003 Server is:-
IP:- 89.0.0.1
SUBNET:- 255.0.0.0
GATEWAY:- 89.1.1.138   (DG834G)

Definatly no other firewall and the XP one is turned off
0
 
Steve KnightIT ConsultancyCommented:
OK, does this have workstation have any comms.  What can it get to.  Can the workstation:

PING 89.1.1.138 (gateway)
PING 89.0.0.01  (the server)
PING 158.43.128.1  (a DNS server on the internet that responds to PING's)
get to a webpage on the internet

If it can't PING the router then it has to be a physical or logical comms error or firewall on that PC -- the DG834G will always respond to PINGs on the LAN side.

Steve



0
 
slug0rAuthor Commented:
The workstation can ping 89.1.1.138 and 89.0.0.1 and 158.43.128.1 with no problems and can browse the internet.

0
 
Steve KnightIT ConsultancyCommented:
OK thats good (and assumed it must be!), what about the server. Can that ping the same hosts (perhaps not the workstation as you say).  If it can't PING the w/s then either the w/s or server is blocking ICMP, i.e. one of the two is running a firewall... or I suppose could be IPSEC IP filtering rules but unlikely.

Steve

0
 
slug0rAuthor Commented:
The Windows Firewall and Internet connection sharing service isnt running on the Windows 2003 machine is also turned off on the windows xp machine, definatly no other firewalls running on the server and workstation.

Also the server can ping the above addresses
0
 
slug0rAuthor Commented:
I can ping any windows 2000 machine on the network, it seems to be just the windows xp machines that i cannot ping and they dont have any kind of firewall installed.
0
 
Steve KnightIT ConsultancyCommented:
Ok sorry I thought before you said itcouldnt ping other machines - was jujst trying to narrow down where the comms issue was.

Can you rdp to this client from the server (as we know ping works...)
0
 
slug0rAuthor Commented:
i'll be more clear...

the server can ping the gateway 89.1.1.138 it can ping 158.43.128.1 it can browse the internet and it can ping any windows 2000 machine but it cannot ping any windows xp machines for example 89.0.0.59, i cannot rdp this windows xp workstation from any machine server or workstation.

0
 
Steve KnightIT ConsultancyCommented:
Sorry, was away driving and eating and kids to bed, evening over here :-)

These machines that cannot ping.  If machineA can't ping ping machineB does it work the other way around.  If not then there is a problem.  I believe you are saying that 89.0.0.59 can ping 89.1.1.138 but not the other way around. That can't be a fault with subnet mask etc. as a PING is two way comms.  If a PING works one way it is categorically a firewall blocking ICMP.   If you type this on the XP machine it will show you the results of firewall:

netsh firewall show state
netsh firewall show config



Steve
0
 
Fatal_ExceptionSystems EngineerCommented:
What port are you plugging the LAN into on the router / AP?  this may tell us something, as if this is a WAN enabled modem, and you plug in with this port, the communication will only be one way unless ports are opened..
0
 
slug0rAuthor Commented:
I got it working by changing the port on the Computer i wished to connect to and forwarding the port from the router to the computer.

How do i close the question?
0
 
Steve KnightIT ConsultancyCommented:
I'm confused how your solution dealt with not being able to ping or remote desktop to the machine even from the lan?

You can accept an answer, use the split points link or ask for the question to be deleted but the experts involved may object to that.  Giving anything less than a grade A if you decide to accept or split doesn't exactly encourage experts to offer assistance next time...
0
 
Fatal_ExceptionSystems EngineerCommented:
Thanks for closing..

FE
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 10
  • 8
  • 5
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now