Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1027
  • Last Modified:

Remote Desktop a client Behind SBS 2003 Server

SBS 2003 SP2 configured with 2 Nics, internet connection is connected directly to a speedstream modem, the other connected to the internal network switch.  I am able to remote desktop into the server, I want to remote desktop into one of the client computers behind the server firewall.  I have changed the client listening port to 3390 and opened port 3390 via Routing and Remote access.  I then run the open port check tool via canyouseeme.org and the port is not open.  Is there another setting I need to make to open port?
0
StoutMan
Asked:
StoutMan
  • 4
  • 3
  • 2
  • +1
1 Solution
 
purplepomegraniteCommented:
Is the client firewall turned off too? i.e. on the workstation you need to access?  If it is turned on, you need to create an exception for remote desktop - especially as you have changed the port number, the default firewall settings will only open port 3389 for RDP.

Another point to note is that if you can remote desktop to the server, you can actually create another remote desktop session from the server to a client -and of course, it being from the server, you are already past one firewall.
0
 
EricCommented:
make sure you open the 3390 port on the client firewall.  also i know to change the port on a client with xp, i thought it required a registry change to force the different port number on the client to "watch"

How to change the listening port for Remote Desktop
http://support.microsoft.com/kb/306759

0
 
Rob WilliamsCommented:
There is no need for any of this. SBS is the only operating system offering Remote Web Workplace (RWW). Remote web workplace also you to connect to the SBS network using a web browser using SSL (more secure than direct remote desktop) and access the server or any PC on the network without changing listening ports or adding additional forwarders on the router. Also it eliminates the need to create custom firewall scopes due to SBS's default policies, and the need to enable routing on the SBS because of the 2 NIC's.  Once connected the RWW session is exactly the same as a Remote Desktop session.

RWW is easy to set up and implement, but you must use the wizards. It requires running the connect to the internet wizard under server management / internet and e-mail. If you also have a router you need to forward ports 443 and 4125 to the SBS.
An outline and some links with further information can be found here:
http://www.lan-2-wan.com/SBS.htm#q1
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
StoutManAuthor Commented:
I have made the registry change on the client computer and added firewall exception to the cleint computer.  While connected to the server I can remote into the client computer using port 3390 so I know th port is working.  Just don't know why the server firewall is not allowing the port to open.  This is a small office with only a few client computers and the office manager needs to access her computer only, or I would go the RWW route.  I have also tried to configure vpn access however I get error 723 when trying to connect, at one point it did work,now it just fails to connect.  Thanks for the help so far.
0
 
Rob WilliamsCommented:
This is a complicated configuration and you have several issues to deal with if you are not going to use RWW. Firstly the exception on the client firewall by default is only for connections from the local LAN. You need to allow "all computers even those from the Internet". See:
http://www.lan-2-wan.com/RD-FW.htm
Then not only do you have to allow access from the Internet but you cannot configure the SBS firewall so you have to disable it. Next you have to configure port forwarding within RRAS to route the external packets from the WAN interface to the LAN PC.

RWW if SBS and clients were configured properly should take 5 minutes to enable. You can control who has access to it if you like.
0
 
purplepomegraniteCommented:
If the remote desktop is working from the server, then the issue is the SBS firewall or the internet connection equipment.

Do you have a modem plugged directly into the SBS internet NIC, or is it a router?  Does this device have any firewall settings itself?  What modem is it?

It should be as simple as enabling exceptions in the basic firewall within RRAS to allow traffic through to the server.  Presumably this is how you got RDP to the server working in the first place?
0
 
StoutManAuthor Commented:
The Speed Stream 5100 modem is connected directly to the Internet NIC (public).  The modem has no firewall and only stores the ATT username and password.  From the Routing and Remote access I right clicked on the network card (public) properties, services and ports and added port 3390 with the private address of 127.0.0.1.  This should open the port and allow me to scan and view it, however it comes back closed.
0
 
purplepomegraniteCommented:
With the private address of 127.0.0.1, you are pointing port 3390 at the SBS server.  It comes back closed as SBS doesn't have anything listening on port 3390 (it IS closed).

You need to point it at the IP address of the client workstation.  You may wish to give this workstation a reserved IP address in DHCP to ensure it always has the same IP.
0
 
StoutManAuthor Commented:
That did it, I don't know what I was thinking not pointing it to the worksation.  I will reserve the IP and that should be it.  Thanks for the help.
0
 
StoutManAuthor Commented:
Thanks
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now