Solved

I am not able to take the Remote Desktop Connection.

Posted on 2009-05-07
14
932 Views
Last Modified: 2012-05-06
Hi,

We are in Windows OS level support to remotly. Our desktops are in a same network.
We have been facing s strange problem last few days. Problem is our some desktoops(Windows XP) are able to take the rdp connection to our servers(Windows 2000 & 2003) but others are not.

Port 3389 is open all the source and destination and telnet is also working  and we didn't change any OS level or policy change.

 We checked at our network and firewall side but all the configuration are fine. Same configuration and policy are appling on all the desktops.

Pls provide a solution urgently.
0
Comment
Question by:rcom_infraops
  • 7
  • 6
14 Comments
 
LVL 76

Expert Comment

by:arnold
Comment Utility
Is the issue that some systems can establish an RDP connection to the servers and some can not?
Are these server terminal servers?
Are your difficulties going from a workstation to a server or from a server to a workstation?
0
 

Author Comment

by:rcom_infraops
Comment Utility
Yes, the issue is some systems can establish an RDP connection to the servers and some can not.
No these serves are not terminal servers license. We are using the default inbuilt terminal connection.
We have both the problem one is server to server and other is workstation to server.
But this time we take the one by one problem so we are taking firstly workstation to server rdp issue.
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
One: you can only establish a pair of RDP connection to each server.
What is the error that you get when attempting to establish RDP?
Are all the systems and servers on the same IP segment?
Check the version of mstsc on the working system versus the non-working system
(mstsc /?) does it have /admin or /console in the list? Do all RDP that work have one i.e. /admin while the non-wokring ones have /console or vice versa?
This will indicate that there is a version differnce. i.e. the ones with /admin were updated with the terminal client 6 update.

can you establish a telnet connection from the non-working system to the server
telnet server 3389
(have two command windows open) while you attempt a connection in one, run a netstat -an | find "ip_of_server"
What is the connection status (ESTABLISHED, TCP_SYNC, SYNC_SENT) etc.?


 
0
 

Author Comment

by:rcom_infraops
Comment Utility
One Example in netstat -an:
TCP    10.8.85.222:1455       97.253.16.106:3389     ESTABLISHED
Server 97.253.16.106 is showing the 3389 established but I am unable to connect the server. RDP screen is showing before the logon prompt but logon screen is not connecting.
When the server has free all the session then also I faced the same problem.
No My system IP is in 10.8.85.X series and my server are 10.8.48.X, 97.253.33.X, 97.253.16.X.
For your more reference check the full details of netstat -an:-

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1105           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5800           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:6129           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:7717           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:50220          0.0.0.0:0              LISTENING
  TCP    10.8.85.222:139        0.0.0.0:0              LISTENING
  TCP    10.8.85.222:1143       10.8.51.42:1352        ESTABLISHED
  TCP    10.8.85.222:1307       10.8.53.182:3389       ESTABLISHED
  TCP    10.8.85.222:1309       97.253.32.55:3389      ESTABLISHED
  TCP    10.8.85.222:1428       97.253.34.3:3389       ESTABLISHED
  TCP    10.8.85.222:1455       97.253.16.106:3389     ESTABLISHED
  TCP    127.0.0.1:6139         0.0.0.0:0              LISTENING
  TCP    192.168.40.1:139       0.0.0.0:0              LISTENING
  TCP    192.168.157.1:139      0.0.0.0:0              LISTENING
  UDP    0.0.0.0:445            *:*                    
  UDP    0.0.0.0:500            *:*                    
  UDP    0.0.0.0:1103           *:*                    
  UDP    0.0.0.0:4500           *:*                    
  UDP    0.0.0.0:50220          *:*                    
  UDP    10.8.85.222:123        *:*                    
  UDP    10.8.85.222:137        *:*                    
  UDP    10.8.85.222:138        *:*                    
  UDP    10.8.85.222:1900       *:*                    
  UDP    127.0.0.1:123          *:*                    
  UDP    127.0.0.1:1025         *:*                    
  UDP    127.0.0.1:1039         *:*                    
  UDP    127.0.0.1:1048         *:*                    
  UDP    127.0.0.1:1113         *:*                    
  UDP    127.0.0.1:1900         *:*                    
  UDP    192.168.40.1:123       *:*                    
  UDP    192.168.40.1:137       *:*                    
  UDP    192.168.40.1:138       *:*                    
  UDP    192.168.40.1:1900      *:*                    
  UDP    192.168.157.1:123      *:*                    
  UDP    192.168.157.1:137      *:*                    
  UDP    192.168.157.1:138      *:*                    
  UDP    192.168.157.1:1900     *:*                    

I am not able to connect the servers through RDP logon prompt through mstsc /console or mstsc /admin.
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
You have a multi-homed system (multiple IPs) the issue might be that the route through which the connection is being attempted/returned is the issue.
Post netstat -rn and route print from this system.

The issue could also be with an update that messed up terminal services client (MSTSC).
0
 

Author Comment

by:rcom_infraops
Comment Utility
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\vishal.rastogi>netstat -rn

Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 0f fe 0d 92 0f ...... Broadcom NetXtreme Gigabit Ethernet - Teefer2 Mi
niport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        10.8.85.1     10.8.85.222       20
        10.8.85.0    255.255.255.0      10.8.85.222     10.8.85.222       20
      10.8.85.222  255.255.255.255        127.0.0.1       127.0.0.1       20
   10.255.255.255  255.255.255.255      10.8.85.222     10.8.85.222       20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
     192.168.40.0    255.255.255.0     192.168.40.1    192.168.40.1       20
     192.168.40.1  255.255.255.255        127.0.0.1       127.0.0.1       20
   192.168.40.255  255.255.255.255     192.168.40.1    192.168.40.1       20
    192.168.157.0    255.255.255.0    192.168.157.1   192.168.157.1       20
    192.168.157.1  255.255.255.255        127.0.0.1       127.0.0.1       20
  192.168.157.255  255.255.255.255    192.168.157.1   192.168.157.1       20
        224.0.0.0        240.0.0.0      10.8.85.222     10.8.85.222       20
        224.0.0.0        240.0.0.0     192.168.40.1    192.168.40.1       20
        224.0.0.0        240.0.0.0    192.168.157.1   192.168.157.1       20
  255.255.255.255  255.255.255.255      10.8.85.222     10.8.85.222       1
  255.255.255.255  255.255.255.255     192.168.40.1    192.168.40.1       1
  255.255.255.255  255.255.255.255    192.168.157.1   192.168.157.1       1
Default Gateway:         10.8.85.1
===========================================================================
Persistent Routes:
  None

C:\Documents and Settings\vishal.rastogi>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 0f fe 0d 92 0f ...... Broadcom NetXtreme Gigabit Ethernet - Teefer2 Mi
niport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        10.8.85.1     10.8.85.222       20
        10.8.85.0    255.255.255.0      10.8.85.222     10.8.85.222       20
      10.8.85.222  255.255.255.255        127.0.0.1       127.0.0.1       20
   10.255.255.255  255.255.255.255      10.8.85.222     10.8.85.222       20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
     192.168.40.0    255.255.255.0     192.168.40.1    192.168.40.1       20
     192.168.40.1  255.255.255.255        127.0.0.1       127.0.0.1       20
   192.168.40.255  255.255.255.255     192.168.40.1    192.168.40.1       20
    192.168.157.0    255.255.255.0    192.168.157.1   192.168.157.1       20
    192.168.157.1  255.255.255.255        127.0.0.1       127.0.0.1       20
  192.168.157.255  255.255.255.255    192.168.157.1   192.168.157.1       20
        224.0.0.0        240.0.0.0      10.8.85.222     10.8.85.222       20
        224.0.0.0        240.0.0.0     192.168.40.1    192.168.40.1       20
        224.0.0.0        240.0.0.0    192.168.157.1   192.168.157.1       20
  255.255.255.255  255.255.255.255      10.8.85.222     10.8.85.222       1
  255.255.255.255  255.255.255.255     192.168.40.1    192.168.40.1       1
  255.255.255.255  255.255.255.255    192.168.157.1   192.168.157.1       1
Default Gateway:         10.8.85.1
===========================================================================
Persistent Routes:
  None
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
What are the IPs of the servers.  Can you run tracert to the IP of the server?  You may have a networking issue or you may have a corrupt mstsc.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:rcom_infraops
Comment Utility
Trace report from desktop (10.8.85.222) to my server (97.253.16.106)
C:\>tracert 97.253.16.106
Tracing route to 97.253.16.106 over a maximum of 30 hops
  1    23 ms    <1 ms    <1 ms  10.8.85.1
  2     7 ms    <1 ms     3 ms  10.8.3.62
  3     5 ms    <1 ms    25 ms  10.8.4.66
  4     4 ms    <1 ms    <1 ms  10.8.56.1
  5     7 ms     1 ms    <1 ms  97.253.23.2
  6     3 ms     8 ms     2 ms  97.253.125.145
  7    2 ms     1 ms     1 ms  97.253.16.106
Trace complete.

Trace report from server (97.253.16.106) to my desktop(10.8.85.222)
C:\>tracert 10.8.85.222
Tracing route to DPC-A000407 [10.8.85.222]
over a maximum of 30 hops:
  1    27 ms    <1 ms    <1 ms  97.253.16.125
  2    16 ms     3 ms     1 ms  97.253.125.146
  3    <1 ms    <1 ms    <1 ms  97.253.23.1
  4    15 ms    <1 ms    <1 ms  10.8.56.2
  5     6 ms    <1 ms    <1 ms  10.8.4.65
  6    16 ms     1 ms     1 ms  10.8.3.61
  7     1 ms     1 ms    <1 ms  DPC-A000407 [10.8.85.222]
Trace complete.

RDP-version.doc
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
97.253.125.145 and 146 are these a pair of point to point routers? Or do you have a pair of firewalls that loadbalance your traffic?
97.253.23.1 and 2?

Compare the tracert from the working workstations to this server.
You may have a firewall that is not allowing traffic through.
0
 

Author Comment

by:rcom_infraops
Comment Utility
I compared the tracert report with the working workstation. Both are same and no differences are there.
I discussed with Firewall team and Network Team, Both have confirmed that they have implemented the group policy on the Firewall not individually. If the port or traffic block on the firewall/network side that means the entire group members get affected not individually.
0
 
LVL 3

Expert Comment

by:Ghousullah
Comment Utility
Hi,

Please goto to the terminal server to which you take DP and goto Adminitrative tools --> terminal Server licensing and Select the Terminal Server and right click and give refresh. This should solve the issue.

Because the tickets provided by the terminal servers should have been expired. This would be the reason.. for it. Please check the event viewer of the terminal server to which you take RDP where you can find events that say that specific client is trying to connect the terminal server when try to access.

This issue was faced by me in client environment and got resolved. Please check this.
0
 

Author Comment

by:rcom_infraops
Comment Utility
I tried as you mentioned but the issue is same.
Note: I am using the default session(By default 2+1 rdp session)
0
 
LVL 76

Accepted Solution

by:
arnold earned 125 total points
Comment Utility
Compare the IPs for the working ones and for the non-working one.
The problem is that your output of netstat -an from the non-working one has the connection established, but nothing seems to come through.  On the non-working workstation, are you able to RDP to any other system?
Enable the remote desktop of the workstation in the next cubicle and see whether you can RDP to it.  You may have a corrupt mstsc i.e. a dll is not correctly registered.
Are all the RDP versions on the workstations the same 6.0.6001?

On the non-working one, once you put in the desitnation and then username/password the rdp session becomes non-responsive, Right?
0
 

Author Closing Comment

by:rcom_infraops
Comment Utility
ok
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now