Solved

Remote Desktop a client Behind SBS 2003 Server

Posted on 2008-06-11
10
968 Views
Last Modified: 2010-04-21
SBS 2003 SP2 configured with 2 Nics, internet connection is connected directly to a speedstream modem, the other connected to the internal network switch.  I am able to remote desktop into the server, I want to remote desktop into one of the client computers behind the server firewall.  I have changed the client listening port to 3390 and opened port 3390 via Routing and Remote access.  I then run the open port check tool via canyouseeme.org and the port is not open.  Is there another setting I need to make to open port?
0
Comment
Question by:StoutMan
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21765198
Is the client firewall turned off too? i.e. on the workstation you need to access?  If it is turned on, you need to create an exception for remote desktop - especially as you have changed the port number, the default firewall settings will only open port 3389 for RDP.

Another point to note is that if you can remote desktop to the server, you can actually create another remote desktop session from the server to a client -and of course, it being from the server, you are already past one firewall.
0
 
LVL 6

Expert Comment

by:Eric
ID: 21765251
make sure you open the 3390 port on the client firewall.  also i know to change the port on a client with xp, i thought it required a registry change to force the different port number on the client to "watch"

How to change the listening port for Remote Desktop
http://support.microsoft.com/kb/306759

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21765475
There is no need for any of this. SBS is the only operating system offering Remote Web Workplace (RWW). Remote web workplace also you to connect to the SBS network using a web browser using SSL (more secure than direct remote desktop) and access the server or any PC on the network without changing listening ports or adding additional forwarders on the router. Also it eliminates the need to create custom firewall scopes due to SBS's default policies, and the need to enable routing on the SBS because of the 2 NIC's.  Once connected the RWW session is exactly the same as a Remote Desktop session.

RWW is easy to set up and implement, but you must use the wizards. It requires running the connect to the internet wizard under server management / internet and e-mail. If you also have a router you need to forward ports 443 and 4125 to the SBS.
An outline and some links with further information can be found here:
http://www.lan-2-wan.com/SBS.htm#q1
0
 

Author Comment

by:StoutMan
ID: 21765959
I have made the registry change on the client computer and added firewall exception to the cleint computer.  While connected to the server I can remote into the client computer using port 3390 so I know th port is working.  Just don't know why the server firewall is not allowing the port to open.  This is a small office with only a few client computers and the office manager needs to access her computer only, or I would go the RWW route.  I have also tried to configure vpn access however I get error 723 when trying to connect, at one point it did work,now it just fails to connect.  Thanks for the help so far.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21766139
This is a complicated configuration and you have several issues to deal with if you are not going to use RWW. Firstly the exception on the client firewall by default is only for connections from the local LAN. You need to allow "all computers even those from the Internet". See:
http://www.lan-2-wan.com/RD-FW.htm
Then not only do you have to allow access from the Internet but you cannot configure the SBS firewall so you have to disable it. Next you have to configure port forwarding within RRAS to route the external packets from the WAN interface to the LAN PC.

RWW if SBS and clients were configured properly should take 5 minutes to enable. You can control who has access to it if you like.
0
Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21767267
If the remote desktop is working from the server, then the issue is the SBS firewall or the internet connection equipment.

Do you have a modem plugged directly into the SBS internet NIC, or is it a router?  Does this device have any firewall settings itself?  What modem is it?

It should be as simple as enabling exceptions in the basic firewall within RRAS to allow traffic through to the server.  Presumably this is how you got RDP to the server working in the first place?
0
 

Author Comment

by:StoutMan
ID: 21770389
The Speed Stream 5100 modem is connected directly to the Internet NIC (public).  The modem has no firewall and only stores the ATT username and password.  From the Routing and Remote access I right clicked on the network card (public) properties, services and ports and added port 3390 with the private address of 127.0.0.1.  This should open the port and allow me to scan and view it, however it comes back closed.
0
 
LVL 24

Accepted Solution

by:
purplepomegranite earned 500 total points
ID: 21770420
With the private address of 127.0.0.1, you are pointing port 3390 at the SBS server.  It comes back closed as SBS doesn't have anything listening on port 3390 (it IS closed).

You need to point it at the IP address of the client workstation.  You may wish to give this workstation a reserved IP address in DHCP to ensure it always has the same IP.
0
 

Author Comment

by:StoutMan
ID: 21770890
That did it, I don't know what I was thinking not pointing it to the worksation.  I will reserve the IP and that should be it.  Thanks for the help.
0
 

Author Closing Comment

by:StoutMan
ID: 31466405
Thanks
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now