[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1852
  • Last Modified:

cant connect to computers with RWW on SBS2008

ok. Have a brand new SBS2008 install on a new server. OWA and direct RDP connectivity are confirmed working, and I purchased a 3rd party cert to fix certificate errors. Only thing I cant seem to get working is accessing computers and servers remotely thru the RWW interface. First I got errors about the RDP client version not being up to 6.0, which i corrected. But now all I get is a login screen i cant get past.. Im entering the same credentials that work by using Remote Desktop Connection directly just fine..but thru RWW it just wont authenticate and let me in.. Any ideas on what I should fix ?? I saw another that mentioned modifying the TSG Marker properties in NPS to grant all access and ignore Dial in type, but trying that had no effect, and it seemed to open up a big hole I dont need if it didnt have any effect.
0
Aylward
Asked:
Aylward
  • 9
  • 6
  • 2
  • +2
2 Solutions
 
gzarnickCommented:
What firewall are you using?  Did you make sure you have all the necessary ports open in the firewall?
0
 
AylwardAuthor Commented:
Linksys Broadband Router/Firewall. These ports have been forwarded. (25, 80, 443, 3389, 4125, 4500, 123, 987,444). The windows server firewall has been turned off.
0
 
AylwardAuthor Commented:
This is still not working and I still dont know why... Anyone else got any ideas ??
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
gzarnickCommented:
Are you using IE for your browser?
0
 
AylwardAuthor Commented:
IE or mozilla has same effect.. I use IE primarily. Found Mozilla doesnt display the OWA pages properly anyway..
0
 
Keith AlabasterCommented:
It would make sense - would it not - to add this to the SBS Zone?
0
 
Keith AlabasterCommented:
Exactly how are you entering in the credentials? I note your method works internally but...
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
The only ports you need to forward are the following:
 25 SMTP
 443 HTTPS
 987 SharePoint HTTPS
 1723 PPTP VPN
All of the other ones are needless and open things up to unwelcome scrutiny.

RDP on SBS 2008 is via HTTPS so 3389 does not need to be opened to the Internet.

XP SP3 as a remote client will not allow you to connect until RWW is in Trusted Sites and the RDP ActiveX add-on is enabled in IE.

Vista RTM and should have RWW in Trusted Sites.

Check your Gateway logs for errors just after attempting to connect and there should be some indication as to what is failing. Please post anything relevant.

Philip
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
BTW, did you use the SBS Getting Started Wizards to configure your server?

Philip
0
 
AylwardAuthor Commented:
ive tried username and password, I've tried domain\username and password, I've even tried email address (username@domain.com)...all same. Just get back the same login dialog again and again.

0
 
AylwardAuthor Commented:
XP SP3 as a remote client will not allow you to connect until RWW is in Trusted Sites and the RDP ActiveX add-on is enabled in IE.
Done... didnt help. RWW to other sites work from these pc's. Activex and RDP working ok. Trusted sites were set.
BTW, did you use the SBS Getting Started Wizards to configure your server?
Yes.
Check your Gateway logs for errors just after attempting to connect and there should be some indication as to what is failing. Please post anything relevant.
Did... Can't find anything so far.  Outlook Anywhere works fine, so does direct RDP to the server. OWA thru the SBS portal is also functional. But any attempts to connect to a remote computer via RDP thru the site fail to get past the login dialog that says it's logging into the TS Gateway and the local server, Yet cant find corresponding errors in any of the event logs. Kinda weird.
0
 
suppsawsCommented:
have you followed this? http://sbs.editme.com/sbs2008rww
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Using the new RDP client you can set the gateway in your advanced properties. Do that. Set the gateway manually, then put one of the workstation names as the connect to and click connect.
This will bypass the RWW.
Do you connect okay then?

Philip
0
 
AylwardAuthor Commented:
Direct RDP works fine right now to the server..Bypassing RWW has worked since day one without any custom settings other then opening 3389 on the firewall. it's using RWW to RDP to that server that still fails. Working my way thru those other two articles now. Will advise what I get.  thanks for the responses.
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
You should not have to open 3389. RDP now runs in an HTTPS tunnel for security and authentication.

As indicated above, use the TS Gateway setting in the RDP client to see if you can connect using the native SBS 2008 setup for remoting into the server and desktops.

Philip
0
 
AylwardAuthor Commented:
Currently when trying to access RDP via the RWW site, I am getting a Vbscript:remote Desktop Disconnected Error Dialog that says "an internal error has occurred (error 50331688). For more information, please contact your network administrator or Microsoft Product support.

Running the RDP client itself using the TS gateway setting works fine.
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
IE 7?
Reset IE back to defaults --> Internet Options --> Advanced --> Reset.
Try again.

Philip
0
 
AylwardAuthor Commented:
IE7, IE8... either way.. same thing for either.. Reset settings, also no go. Same error
0
 
AylwardAuthor Commented:
That did it !!!  Turns out the TS gateway isnt configured by default with this supposed "turnkey remote website", and the certificate had to be manually found and inserted here, and then another wizard run on the TS gateway.. and bang.. it all works.  That stuff worked right outta the box in 2003 version..why the heck would it not be for 2008 ?? thats just dumb.  Thanks so much MPECSInc and SuppSaws for your patience and help here. All the points i can hand out to both of you...
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Suppsaws, thanks for the URL and site pointer for EMEA SBS. Awesome link!
Philip
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 9
  • 6
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now