Solved

Cant remote Desktop fro web interface from internet

Posted on 2008-09-29
10
314 Views
Last Modified: 2013-11-21
Im able to www.domain.com/remote perfectly, i log using a domain user fine too, i choose the Pc i want to connect to and after 1 or 2 min i get this error saying to make sure computer is online or part of the SBS domain.

When im in the LAN, i get the same error message.
Funny thing if i use the Remote desktop applcation, i can acces real fine this PC
i have sbs2003 R2 and ISA 2004 ver 4
0
Comment
Question by:girfra01
  • 5
  • 5
10 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22606634
How was the workstation joined to the domain originally?  If you used the System Properties instead of the SBS method of using http://<servername>/connectcomputer then it isn't configured properly for RWW.  To fix this, please follow the steps I've outlined here:  http://sbsurl.com/rejoin

Jeff
TechSoEasy
0
 

Author Comment

by:girfra01
ID: 22608403
Thank you for your help but i did this part already and it still not working.
Dont forget that even with my administrator account using the web interface for RD cant acces his own server.

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22610027
How could I forget that?  I didn't know it was the case in the first place.
So this would indicate that you don't have port 4125 open on your firewall.  But you say you can't use RWW internally within the LAN either?
Jeff
TechSoEasy
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:girfra01
ID: 22611244
lol sorry lol

im using SBS 2003 R2 Premium.  Isa 2004 did all the rules by itself.
Btw the port is open but guess what !!  We figured out that probably the ISP was blocking the remote desktop seesion from the www.domain.com/remote session. When i send i request for the Remote desktop session from the web interface, it sends a Dynamic port request, not the standard 3389 port.
so sbs gets the request negociate the port with me than when we try to handshake ISP block the port that sbs and the computer agreed to connect their session before it even gets back to my own server since its not the regular 3389 port

We did a lab this afternoon, we took a router, connect the sbs wan card in the router 10.0.0.1 and we gave the (wan card 10.0.0.5)   (gateway:10.0.0.1) and the Lan card in SBS in 192.168.0.100.
I took a computer and connected it in the Wan side to emulate that im on the internet before the firewall.
I ran the internet connexion wizard on sbs, went back to the computer on the wan side and tried http://www.domain.com/remote and i got to it like usually. logged on domain fine, chose a computer and finally ive been able to connect remotly using the web interface.

I have to call the ISP toomorrow morning i guess?

Do you think my solution is ok ?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 22612110
"When i send i request for the Remote desktop session from the web interface, it sends a Dynamic port request, not the standard 3389 port."
No, it doesn't do that.  It sends the request over port 4125.  Please see the section titled TS PROXY at http://sbsurl.com/rww
So, your test may have not proved that the ISP is blocking the traffic.  It is possible that MTU settings are causing the failure.  But again, I would first ask to make sure that you had port 4125 open on your router and pointed to the SBS.  If it is, then when you check with the ISP, make sure that they aren't blocking port 4125.
Jeff
TechSoEasy  
0
 

Author Comment

by:girfra01
ID: 22613418
Excellent post btw i really had a bad vision about the RDP request.

ISA 2004 did created that rule for the 4125 port and they are no Router beetwen the adsl modem and the wan card in my SBS 2003 R2 Premium.

Ill ask isp this morning and let you know about the result
Thankx
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22613449
One other test you can do is to just log into Remote Web Workplace from within the LAN and see if you can connect.  This will isolate the problem to being internal or external.
Jeff
TechSoEasy
 
0
 

Author Comment

by:girfra01
ID: 22649663
iid the rdp in the lan and it was working on all stations.
For some reason i called the ISP and told them that maybe they were blocking the 4125 port.

Next morning i tested the remote web acces and it worked !!!!!
Right now im trying to figure out who did what but its finally online.

Thank you all for your help
Seems that when things like that happen, we should ask ISP what port thay are blocking lol.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22652020
Glad you got it working.  Please be sure to close out the question.  See http:help.jsp#hi407 if you need assistance in doing this.

Jeff
TechSoEasy
0
 

Author Closing Comment

by:girfra01
ID: 31501408
i do understand a bit better the ts peoxy now
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Requesting private key file from web certificate 4 35
SBS 2011 wireless nic? & dynamic VPN. 3 84
Migration path from SBS 2011 to ?? 4 93
MS Endpoint Protection 2 25
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question