Solved

Remote Desktop (to a Vista PC) not connecting

Posted on 2008-06-24
12
636 Views
Last Modified: 2013-11-21
We have a client with a domain server. I have set up Remote Desktop on one of the Vista PCs so that it can be accessed remotely via the Internet (broadband). However even internally I cannot access it from another PC on the same network. So I suspect something is blocking it at the PC end?

I am very familiar with RDP, aet it up successfully many times, we use it for many of our clients and I have set it up as follows:

- Altered the default port in the Registry to 3390 (instead of 3389) [for external access, as 3389 is already allocated for the server which works fine and put in port forwarding in the router]
- Allocated a fixed ip to the machine (via the MAC address and DHCP on the server)
- Ensured Remote Desktop is enabled
- Tried to connect, internally, with 'ip-adress:3390'

- Windows firewall is off (I am pretty sure)
- The PC has a domain user password
- It uses Sophos anti-virus, but I doubt is this is blocking it, not experienceSophos blocking RDP before

Is there someting I have missed or particularly different with Vista? I've connected to my Vista PC OK.

All help gratefully received




0
Comment
Question by:gerlis
  • 5
  • 4
  • 3
12 Comments
 
LVL 2

Assisted Solution

by:dbanttari
dbanttari earned 150 total points
ID: 21860628
On the Remote Desktop host [hereafter "Host"]:
- Use "netstat -an" to determine if anything is LISTENING on port 3390
-- if not, then remote desktop hasn't listened when you changed the port.  You probably don't need to change this port; the firewall should be able to redirect 3390 on its public IP to the Host's port 3389.

On another machine within the firewall:
- Attempt to remote desktop to the Host on 3390
-- If this fails, then there's a personal firewall blocking connections.

From outside:
- Try to telnet to that port: "telnet  firewall.public.ip  3390"
-- if you get "Connection Refused" or just a 30s pause before "Could not open connection..." then there's a firewall config issue.  Did you restart the router?
0
 
LVL 2

Expert Comment

by:dbanttari
ID: 21860639
- Tried to connect, internally, with 'ip-adress:3390'

Did that work?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 350 total points
ID: 21860687
>>"Windows firewall is off (I am pretty sure)"
If not:
When you enable remote desktop on a PC it automatically creates an exception for the service (from the same LAN). However where you have changed the listening port, if the widows firewall is enabled, you will need to make a custom exception.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 1

Author Comment

by:gerlis
ID: 21860712
dbanttari

Thanks for these suggestions. I will try them tomorrow, I'm in the UK ( I have to connect with user's assitance using our UVNC 'single-click' utility), especially the netstat command.

I cannot RDP internally (within firewall) from another PC, already tried that.
RDP with 'ip-adress:3390' didn't work.

I suspect you are right re: 'personal firewall blocking connections', but nothing else on that PC that is obviously the cause.

I'll let you know tomorrow

Thanks again

 

0
 
LVL 2

Expert Comment

by:dbanttari
ID: 21860734
Had you restarted the service (or, heck, the whole machine) since making the registry change?

(BTW if there's nothing "LISTENING" on 3390, check 3389...)

Personally, I think you should do the TCP port translation at the firewall, and leave the port on the actual Host machine at 3389.
0
 
LVL 1

Author Comment

by:gerlis
ID: 21860736
RobWill:

Thanks. You may be right or nearly right, I will need to check this client's PC again tomorrow re: Windows firewall. I'm sure I checked the exceptions anyway, even though I am 96% certain firewall is off.

Watch this space...

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21860815
Another thing to watch with the firewall, if that is the issue, is by default it allows local connections only. You often have to edit the scope options to allow remote connections:
http://www.lan-2-wan.com/RD-FW.htm
0
 
LVL 1

Author Comment

by:gerlis
ID: 21860845
dbanttari:

PC re-started a couple of times, as I have to log in as administrator on the PC to have rights to make these changes, (could that be the issue?)

Re: router I see hat you mean, but there does not seem to be a way (Netgear DG834G) of specifying to redirected port, only specifying redirected ip address of the destination machine, presume you mean:

-> incoming (from WAN) port request for 3390  -> router/firewall -> ip-address of PC [with port 3389]

the "[with port 3389]" can't be done on a Netgear DG 834G, unless I am mistaken?
0
 
LVL 2

Expert Comment

by:dbanttari
ID: 21860995
Just checked the manual for that particular router, and you're correct-- it doesn't look like it supports different public and private ports for inbound services.  A pity.
0
 
LVL 1

Author Comment

by:gerlis
ID: 21869758
All this is very embarrassing!

I was able to check today and the firewall was indeed, on!  I was convinced originally that it wasn't.

However I would not have realised that by using a different port (3390 instead of the default 3389) I would need to open that in the Windows firewall.

With the firewall left on and opening the port in the exceptions, it all worked fine!

So I would like to award the points to RobWill assisted by dbanttari for his/her useful information and contribution
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21869847
Don't be embarrassed, I've "been there done that" :-)  Often you just need a second pair of eyes.
Thanks gerlis.
Cheers !
--Rob
0
 
LVL 1

Author Comment

by:gerlis
ID: 21870361
Quite!

Thanks to you, too.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question