Solved

Cant remote Desktop fro web interface from internet

Posted on 2008-09-29
10
332 Views
Last Modified: 2013-11-21
Im able to www.domain.com/remote perfectly, i log using a domain user fine too, i choose the Pc i want to connect to and after 1 or 2 min i get this error saying to make sure computer is online or part of the SBS domain.

When im in the LAN, i get the same error message.
Funny thing if i use the Remote desktop applcation, i can acces real fine this PC
i have sbs2003 R2 and ISA 2004 ver 4
0
Comment
Question by:girfra01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22606634
How was the workstation joined to the domain originally?  If you used the System Properties instead of the SBS method of using http://<servername>/connectcomputer then it isn't configured properly for RWW.  To fix this, please follow the steps I've outlined here:  http://sbsurl.com/rejoin

Jeff
TechSoEasy
0
 

Author Comment

by:girfra01
ID: 22608403
Thank you for your help but i did this part already and it still not working.
Dont forget that even with my administrator account using the web interface for RD cant acces his own server.

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22610027
How could I forget that?  I didn't know it was the case in the first place.
So this would indicate that you don't have port 4125 open on your firewall.  But you say you can't use RWW internally within the LAN either?
Jeff
TechSoEasy
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 

Author Comment

by:girfra01
ID: 22611244
lol sorry lol

im using SBS 2003 R2 Premium.  Isa 2004 did all the rules by itself.
Btw the port is open but guess what !!  We figured out that probably the ISP was blocking the remote desktop seesion from the www.domain.com/remote session. When i send i request for the Remote desktop session from the web interface, it sends a Dynamic port request, not the standard 3389 port.
so sbs gets the request negociate the port with me than when we try to handshake ISP block the port that sbs and the computer agreed to connect their session before it even gets back to my own server since its not the regular 3389 port

We did a lab this afternoon, we took a router, connect the sbs wan card in the router 10.0.0.1 and we gave the (wan card 10.0.0.5)   (gateway:10.0.0.1) and the Lan card in SBS in 192.168.0.100.
I took a computer and connected it in the Wan side to emulate that im on the internet before the firewall.
I ran the internet connexion wizard on sbs, went back to the computer on the wan side and tried http://www.domain.com/remote and i got to it like usually. logged on domain fine, chose a computer and finally ive been able to connect remotly using the web interface.

I have to call the ISP toomorrow morning i guess?

Do you think my solution is ok ?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 22612110
"When i send i request for the Remote desktop session from the web interface, it sends a Dynamic port request, not the standard 3389 port."
No, it doesn't do that.  It sends the request over port 4125.  Please see the section titled TS PROXY at http://sbsurl.com/rww
So, your test may have not proved that the ISP is blocking the traffic.  It is possible that MTU settings are causing the failure.  But again, I would first ask to make sure that you had port 4125 open on your router and pointed to the SBS.  If it is, then when you check with the ISP, make sure that they aren't blocking port 4125.
Jeff
TechSoEasy  
0
 

Author Comment

by:girfra01
ID: 22613418
Excellent post btw i really had a bad vision about the RDP request.

ISA 2004 did created that rule for the 4125 port and they are no Router beetwen the adsl modem and the wan card in my SBS 2003 R2 Premium.

Ill ask isp this morning and let you know about the result
Thankx
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22613449
One other test you can do is to just log into Remote Web Workplace from within the LAN and see if you can connect.  This will isolate the problem to being internal or external.
Jeff
TechSoEasy
 
0
 

Author Comment

by:girfra01
ID: 22649663
iid the rdp in the lan and it was working on all stations.
For some reason i called the ISP and told them that maybe they were blocking the 4125 port.

Next morning i tested the remote web acces and it worked !!!!!
Right now im trying to figure out who did what but its finally online.

Thank you all for your help
Seems that when things like that happen, we should ask ISP what port thay are blocking lol.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22652020
Glad you got it working.  Please be sure to close out the question.  See http:help.jsp#hi407 if you need assistance in doing this.

Jeff
TechSoEasy
0
 

Author Closing Comment

by:girfra01
ID: 31501408
i do understand a bit better the ts peoxy now
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question