Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cannot RDP to ISA server from external connection.

Posted on 2009-04-12
8
Medium Priority
?
797 Views
Last Modified: 2012-05-06
Windows SBS 2003 has ISA installed, and used to route RDP requests to a terminal server.  I would like to provide remote access directly to the SBS server instead now.  The router IP is 10.0.0.1, the external NIC on the SBS is 10.0.0.253 (internal is 192.168... but not used anymore).  In the router, I enable RDP to 10.0.0.253 (port 3389).  Yet I cannot RDP to the server from an external connection.  Even if I stop the ISA and Windows Firewall services, I still cannot RDP to to the server from an external connection.  Internal RDP connections work fine if I plug in to the 192.168.... line.  What is preventing me from RDPing to the SBS server?  
0
Comment
Question by:RadRichie
  • 4
  • 2
8 Comments
 
LVL 12

Expert Comment

by:coredatarecovery
ID: 24127252
The external nic at 10.0.0.253 is an internal address.

You MUST forward your External packets for port 3389 on the physical Internet address side of the firewall to your 10.0.0.253 internal address.

Can you log into your firewall device?
0
 
LVL 12

Expert Comment

by:coredatarecovery
ID: 24127623
you need to add a pass thru for port 3389 in your firewall to forward your packets to your internal ip address of the server.

10.x.x.x is a private address.

If you need you IP address http://www.coredatarecovery.com/ip.shtml will echo back your IP address

This is the IP address (Once the pass thru is setup that will be used from outside to access the rdp)

you can check your connection with a port scan from the web at www.grc.com

0
 
LVL 1

Author Comment

by:RadRichie
ID: 24129231
The router advanced settings have RDP mapped to 10.0.0.253, the "external" IP from ISA's perspective.
If I turn off the MIcrosoft firewall service, I can RDP from the server to itself (10.0.0.253), but not to it from an external line.  
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 1

Author Comment

by:RadRichie
ID: 24129474
This is fixed.  ISA server had one of many RDP rules that mapped RDP to the old terminal server.  Once the IP address in that rule was changed to the SBS, RDP from external worked fine.
0
 
LVL 12

Expert Comment

by:coredatarecovery
ID: 24129821
Very Cool.
0
 
LVL 12

Expert Comment

by:coredatarecovery
ID: 24129878
I'm glad to have been of service to you.
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 25216760
Question PAQ'd, 300 points refunded, and stored in the solution database.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Integration Management Part 2
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question