Solved

Cant remote Desktop fro web interface from internet

Posted on 2008-09-29
10
324 Views
Last Modified: 2013-11-21
Im able to www.domain.com/remote perfectly, i log using a domain user fine too, i choose the Pc i want to connect to and after 1 or 2 min i get this error saying to make sure computer is online or part of the SBS domain.

When im in the LAN, i get the same error message.
Funny thing if i use the Remote desktop applcation, i can acces real fine this PC
i have sbs2003 R2 and ISA 2004 ver 4
0
Comment
Question by:girfra01
  • 5
  • 5
10 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22606634
How was the workstation joined to the domain originally?  If you used the System Properties instead of the SBS method of using http://<servername>/connectcomputer then it isn't configured properly for RWW.  To fix this, please follow the steps I've outlined here:  http://sbsurl.com/rejoin

Jeff
TechSoEasy
0
 

Author Comment

by:girfra01
ID: 22608403
Thank you for your help but i did this part already and it still not working.
Dont forget that even with my administrator account using the web interface for RD cant acces his own server.

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22610027
How could I forget that?  I didn't know it was the case in the first place.
So this would indicate that you don't have port 4125 open on your firewall.  But you say you can't use RWW internally within the LAN either?
Jeff
TechSoEasy
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:girfra01
ID: 22611244
lol sorry lol

im using SBS 2003 R2 Premium.  Isa 2004 did all the rules by itself.
Btw the port is open but guess what !!  We figured out that probably the ISP was blocking the remote desktop seesion from the www.domain.com/remote session. When i send i request for the Remote desktop session from the web interface, it sends a Dynamic port request, not the standard 3389 port.
so sbs gets the request negociate the port with me than when we try to handshake ISP block the port that sbs and the computer agreed to connect their session before it even gets back to my own server since its not the regular 3389 port

We did a lab this afternoon, we took a router, connect the sbs wan card in the router 10.0.0.1 and we gave the (wan card 10.0.0.5)   (gateway:10.0.0.1) and the Lan card in SBS in 192.168.0.100.
I took a computer and connected it in the Wan side to emulate that im on the internet before the firewall.
I ran the internet connexion wizard on sbs, went back to the computer on the wan side and tried http://www.domain.com/remote and i got to it like usually. logged on domain fine, chose a computer and finally ive been able to connect remotly using the web interface.

I have to call the ISP toomorrow morning i guess?

Do you think my solution is ok ?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 22612110
"When i send i request for the Remote desktop session from the web interface, it sends a Dynamic port request, not the standard 3389 port."
No, it doesn't do that.  It sends the request over port 4125.  Please see the section titled TS PROXY at http://sbsurl.com/rww
So, your test may have not proved that the ISP is blocking the traffic.  It is possible that MTU settings are causing the failure.  But again, I would first ask to make sure that you had port 4125 open on your router and pointed to the SBS.  If it is, then when you check with the ISP, make sure that they aren't blocking port 4125.
Jeff
TechSoEasy  
0
 

Author Comment

by:girfra01
ID: 22613418
Excellent post btw i really had a bad vision about the RDP request.

ISA 2004 did created that rule for the 4125 port and they are no Router beetwen the adsl modem and the wan card in my SBS 2003 R2 Premium.

Ill ask isp this morning and let you know about the result
Thankx
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22613449
One other test you can do is to just log into Remote Web Workplace from within the LAN and see if you can connect.  This will isolate the problem to being internal or external.
Jeff
TechSoEasy
 
0
 

Author Comment

by:girfra01
ID: 22649663
iid the rdp in the lan and it was working on all stations.
For some reason i called the ISP and told them that maybe they were blocking the 4125 port.

Next morning i tested the remote web acces and it worked !!!!!
Right now im trying to figure out who did what but its finally online.

Thank you all for your help
Seems that when things like that happen, we should ask ISP what port thay are blocking lol.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22652020
Glad you got it working.  Please be sure to close out the question.  See http:help.jsp#hi407 if you need assistance in doing this.

Jeff
TechSoEasy
0
 

Author Closing Comment

by:girfra01
ID: 31501408
i do understand a bit better the ts peoxy now
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sharepoint 2010 Audit Logs 11 127
Migrating from SBS - cont 17 96
Exchange 2007 3 47
VPN problems 4 32
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question