Solved

Remote Desktop connection weirdness....

Posted on 2007-03-23
4
287 Views
Last Modified: 2013-11-21
I have an unusual situation. I have an office network with a MS ISA server as a firwall to the internet. I have set up my workstation as a host for remote desktop connection. I have assigned it a fixed internal IP address. In the publishing rules on the Server 2000 ISA server ISA Management, I have mapped a public IP address to this internal  IP address on my workstation so that I can access my workstation and my network from any RDC client. It works great. Two of my colleagues have asked me to do the same for them. I needed to get another block of IP addresses from my ISP, which I did. I enterered this block into the ISA server. I set up one colleague's workstation, and after ironing out a few wrinkles I got his to work with no problem. The other colleague got a new laptop and decided to use his older laptop, which is quite powerful and heavy (which is why he decided to get a new one) as a workstation. It runs XP business, like all of our workstations. Here's the mystery...I can't access the laptop using the external IP address. Mind you, I am outside our network when testing the public IP address. However, I can access the laptop RDC host internally, using the internal IP address. So it appears the public IP address is not passing through the ISA server correctly. So to test this, I reassigned colleage #1's ISA set up (which I know works) to colleage #2's IP address, but this didn't solve or prove anything. It still didn't allow me to access the laptop's RDC host. Anybody have any idea why?
0
Comment
Question by:DWIvey
4 Comments
 
LVL 9

Accepted Solution

by:
Bill_Fleury earned 250 total points
ID: 18782771
I'm not sure what's going on in your situation, however I'd like to point out the fact that you could run RDP to all three stations using the same IP address.  In your port forwarding, set the external port number to another port, ie: 3390 and the internal to 3389.  Then on the client end, connect to host {yourip}:3390
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 18782812
Firstly, just for rdp, you didn't need extra ip addresses, you just needed to use a different port number.

First machine on ip a.a.a.a port 3389
2nd machine on ip a.a.a.a port 3390
3rd machine on a.a.a.a port 3391 etc

create protocol definitions for tcp inbound on ports 3390 and nother on 3391
Make sure your external router forwards port 3390 and 3391 tcp to the isa external nic

In the publishing rule you make for rdp-3390, select the new protocol you have created and redirect it to the internal machine but use the redirect option to change it to 3389
do the same again, publish a server using the rdp-3391 protocol you created, send it to the internal ip of the machine you want it to deal with but again, redirect it on port 3389

On the clients, tell machine 1 user to rdp to the external router ip
                              machine 2 user to rdp to the external router ip:3390
                              machine 2 user to rdp to the external router ip:3391

Issues:
By default, a workstation only accepts calls from the domain dmins group, others you need to add.....

0
 
LVL 1

Expert Comment

by:Computer101
ID: 20286704
Forced accept.

Computer101
EE Admin
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now