Solved

Remote Desktop a client Behind SBS 2003 Server

Posted on 2008-06-11
10
1,004 Views
Last Modified: 2010-04-21
SBS 2003 SP2 configured with 2 Nics, internet connection is connected directly to a speedstream modem, the other connected to the internal network switch.  I am able to remote desktop into the server, I want to remote desktop into one of the client computers behind the server firewall.  I have changed the client listening port to 3390 and opened port 3390 via Routing and Remote access.  I then run the open port check tool via canyouseeme.org and the port is not open.  Is there another setting I need to make to open port?
0
Comment
Question by:StoutMan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21765198
Is the client firewall turned off too? i.e. on the workstation you need to access?  If it is turned on, you need to create an exception for remote desktop - especially as you have changed the port number, the default firewall settings will only open port 3389 for RDP.

Another point to note is that if you can remote desktop to the server, you can actually create another remote desktop session from the server to a client -and of course, it being from the server, you are already past one firewall.
0
 
LVL 6

Expert Comment

by:Eric
ID: 21765251
make sure you open the 3390 port on the client firewall.  also i know to change the port on a client with xp, i thought it required a registry change to force the different port number on the client to "watch"

How to change the listening port for Remote Desktop
http://support.microsoft.com/kb/306759

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21765475
There is no need for any of this. SBS is the only operating system offering Remote Web Workplace (RWW). Remote web workplace also you to connect to the SBS network using a web browser using SSL (more secure than direct remote desktop) and access the server or any PC on the network without changing listening ports or adding additional forwarders on the router. Also it eliminates the need to create custom firewall scopes due to SBS's default policies, and the need to enable routing on the SBS because of the 2 NIC's.  Once connected the RWW session is exactly the same as a Remote Desktop session.

RWW is easy to set up and implement, but you must use the wizards. It requires running the connect to the internet wizard under server management / internet and e-mail. If you also have a router you need to forward ports 443 and 4125 to the SBS.
An outline and some links with further information can be found here:
http://www.lan-2-wan.com/SBS.htm#q1
0
Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

 

Author Comment

by:StoutMan
ID: 21765959
I have made the registry change on the client computer and added firewall exception to the cleint computer.  While connected to the server I can remote into the client computer using port 3390 so I know th port is working.  Just don't know why the server firewall is not allowing the port to open.  This is a small office with only a few client computers and the office manager needs to access her computer only, or I would go the RWW route.  I have also tried to configure vpn access however I get error 723 when trying to connect, at one point it did work,now it just fails to connect.  Thanks for the help so far.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21766139
This is a complicated configuration and you have several issues to deal with if you are not going to use RWW. Firstly the exception on the client firewall by default is only for connections from the local LAN. You need to allow "all computers even those from the Internet". See:
http://www.lan-2-wan.com/RD-FW.htm
Then not only do you have to allow access from the Internet but you cannot configure the SBS firewall so you have to disable it. Next you have to configure port forwarding within RRAS to route the external packets from the WAN interface to the LAN PC.

RWW if SBS and clients were configured properly should take 5 minutes to enable. You can control who has access to it if you like.
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21767267
If the remote desktop is working from the server, then the issue is the SBS firewall or the internet connection equipment.

Do you have a modem plugged directly into the SBS internet NIC, or is it a router?  Does this device have any firewall settings itself?  What modem is it?

It should be as simple as enabling exceptions in the basic firewall within RRAS to allow traffic through to the server.  Presumably this is how you got RDP to the server working in the first place?
0
 

Author Comment

by:StoutMan
ID: 21770389
The Speed Stream 5100 modem is connected directly to the Internet NIC (public).  The modem has no firewall and only stores the ATT username and password.  From the Routing and Remote access I right clicked on the network card (public) properties, services and ports and added port 3390 with the private address of 127.0.0.1.  This should open the port and allow me to scan and view it, however it comes back closed.
0
 
LVL 24

Accepted Solution

by:
purplepomegranite earned 500 total points
ID: 21770420
With the private address of 127.0.0.1, you are pointing port 3390 at the SBS server.  It comes back closed as SBS doesn't have anything listening on port 3390 (it IS closed).

You need to point it at the IP address of the client workstation.  You may wish to give this workstation a reserved IP address in DHCP to ensure it always has the same IP.
0
 

Author Comment

by:StoutMan
ID: 21770890
That did it, I don't know what I was thinking not pointing it to the worksation.  I will reserve the IP and that should be it.  Thanks for the help.
0
 

Author Closing Comment

by:StoutMan
ID: 31466405
Thanks
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008. You will need the following: Exchange Best Practice Analyzer: http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question