Can not use Remote Desktop to access W2K3 SE remotely

I have a client who has been accessing their work PC for a while now. The PC blew up and now they wish to access the server directly instead. I changed their port forwarding on their router to point RDP port 3389 to the server's IP, and they are an Administrator account in the domain (they are also a member of Remote Desktop Group). From within the company's LAN, they can use any XP's Remote Desktop to access their Local account on the server, no problem, but if they try to access the server's local account from their home PC, they can not even get the server's Window's Log on screen.

I began to think this is because their home PC's Computer Name is not a member of the domain, so I added my Laptop's  Computer name to the domain's Computer List and tried logging in with my laptop, still will not work  again, I can not even get the Server's log on screen. I'm running XP Media Center Edition, but would not think this is the problem.

When I attempt a login, I precede my log on name with the Server Name:

Servername\Username

Can anyone shed some light on why I can not connect to the server using RDP from a remote location? Again, this Remote Desktop access works fine from within the company's LAN, and no, there are no other users open in Terminal Services on the Server. Also, there is just the standard two user simultaneous access on the server, there has never been any further TS set up.

Also, I can get to any other XP PC on the LAN remotely using RDP, if I set up the port forwarding.

 I am sure the server's IP address is correct in the port forwarding, and like the other PC's I use only TCP, not both TCP and UDP.

Could it be that I need to open another incoming port on the router? Maybe port 443? I know I've seen this mentioned somewhere with TS.
HammettGAsked:
Who is Participating?
 
HammettGAuthor Commented:
Thanks for the information Tolimor, and you were right about the key location - I did find it. But this is something I had changed when I first setup remote desktop access. Remember, if I am on desktop within the client's LAN, then I can access the server perfectly with RDP, regardless of port #. But if I try to access the server from OUTSIDE, thru their firewall, using the IP of their external interface followed by a colon and the port number I have setup in their router's port forwarding and on the server via your Registry Key location, I can NOT get a connection at all. If I try this from a desktop within the LAN, using the real IP of the server, I can get right in. Also, I have setup another desktop (running XP Pro) to allow remote access using port 3391 (router set up to port forward 3391 to this XP PC), and I can connect to this PC from outside perfectly! So I know the port forwarding is working perfectly on the router. The only other possibility is that the ISP is blocking the ports I have tried for the server (3389, 3392, 9701) but NOT blocking port 3391, but I find this highly unlikely - we never contacted the ISP when we setup the original XP PC for 3391. Any other ideas? I'm thinking of switching to GotoMyPC or some other similar remote access client, if I can find one that allows connections to a W2K3 server.
0
 
TolomirAdministratorCommented:
As security reason I would change port 3389 to something high like 39123 this can be done with  http://support.microsoft.com/kb/306759

Start Registry Editor.
Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
On the Edit menu, click Modify, and then click Decimal.
Type the new port number, and then click OK.
Quit Registry Editor.

---

So you enter in the remote desktop login screen

firewallIP_outside:3389

and you get no connection?




0
 
HammettGAuthor Commented:
Hi Tolomir:

This information is for XP, not for W2K3 Server - there is no key such as:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
in W2K3. I have already used registry editor to attempt changing the port number to no avail. Any other ideas? I'm suspecting the server is so shot, that no other remedies will help, except a full system restore
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
TolomirAdministratorCommented:
Hello HammettG,

you are missing a " " here in Terminal Server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

See screenshot.

You have to restart remote desktop after changing the port. (Easiest done with a server reboot) Otherwise you have to disable remote desktop, then reenable it.

win2k3.jpg
0
 
TolomirAdministratorCommented:
Yes I did recognize your comments so I had no idea how to solve the problem in the 1st place.

Your problem seems to be a bit more complicated.

Can you switch the IPs of these 2 computers and give this a try?


0
 
TolomirAdministratorCommented:
Take the free trial version of  LogMeIn IT Reach

https://secure.logmein.com/products/it/

It is able to connect to servers over the Internet.


0
 
TolomirAdministratorCommented:
Take the free trial version of  LogMeIn IT Reach

https://secure.logmein.com/products/it/

It is able to connect to servers over the Internet.


0
 
HammettGAuthor Commented:
I am no longer working for this client, so I would have to try that some other time. Thanks anyway.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.