We help IT Professionals succeed at work.

Another one of those RDP issues

1,187 Views
Last Modified: 2013-11-21
I have an odd issue. I have 5 servers out of 64 that are sitting on the same subnet/VLAN that I cannot RDP to. The server are HP BL460c blades. They are running Windows 2003 x64 enterprise. They are citrix servers. When trying to connect using mstsc the connection times out and states that "This computer can't connect to the remote computer"
* The VLAN/subnet is not behind a internal firewall.
* Microsoft Firewall service is NOT started.
* 3389 is listing on 0.0.0.0 when doing a netstat -an
* RDP is enabled under the remote tab of system properties
* I have deleted and recreated the RDP-tcp connection under Terminal Services Configuration
* I have completly uninstalled all Cirtrix related software from the server
* NO. I cannot connect via the ICA-tcp connection either
* I have changed the port number for RDP to 80 which did not allow connections either.
* The server does have dual production NICs that are usually teamed. I have unteamed the NICs and just manually IPed one NIC and disabled the secondary
* I have reteamed the NICs using diffrent Teaming algorithems with no luck
* When trying to connect via mstsc I do a netstat -an on the server and see a entry for the remote client computer in the table trying to establish a session via port 3389
* ran microsoft NetMon 3.5 on the server. Can see the server recieveing the RDP connection request and sending a response to the remote client that is trying to connect.
* I get this same issue from multiple desktops, laptops, and servers sitting on the same VLAN and subnet.
* there are no errors in the system or application log.
* IPsec is working fine on the server and I decided to register polstore.dll just to make sure.

I am at the point where I need to get Microsoft support to help, but I wanted to post the issue here first to see if anyone else has run into this issue before. Overall teh server is communicating on the network just fine except for this problem.
Comment
Watch Question

Commented:
Not necessarily giving you a solution but rather the logical approach to troubleshoot the issue:

1. Disable IPSec if that is in use and test it again

2. When you said the server communicating with the network fine except the RDP and ICA connections.  Did you mean services like file sharing or other running services are going OK?  Since those services all require the traffics to pass through the server, if they are OK then if would be something specific to RDP/ICA.

3. What Windows version of the server?  2008?  If so, no Network Access Policy or Network Level Authentication in use?

4. Is it possible to hard wire those 5 servers to another LAN / subnet (if any) and test it out?  How many subnets are there in fact?  You sure you have tested initiating the connection from more than one subnet?

5. there is a trick you can try:  try using mstsc.exe to connect to itself by running it locally on the server, and set the "localhost" as the destination.  it works fine from Windows Server 2008, presumming it should work on other version of Windows as well.  If that works, we have elinimated the RDP protocol not working properly issue.

Author

Commented:
Thanks for the Reply:
1. IPsec issues were the first thing I check. I have disabled IPSec with no luck
2. All other traffic including file sharing, authentication to the domain, etc works just fine.
3. Windows version is Windows 2003 x64 Enterprise. There are no Network Access Policies or Network Level Auth that are in use.
4. Since these are Blade servers there is no way to connect them into another VLAN without making modification to the virtual NIC port for this server through the Cisco switch installed into the chassis. I can not do this due to a seperate Network team in my company are the only ones allowed to do this. The subnet assigned to the VLAN that these server are sitting is a /24 subnet of x.x.x.1 - x.x.x.254

I have tried to connect to this server from multiple diffrent VLANs from all over the company and Nation with no luck.

5. Tried your trick and got the same issue as I get with other clients trying to connect. MStsc trys to connect then times out stating it can not connect to the remote computer.

Commented:
Apparently the terminal service component on the server is not working properly.  Are you sure you didn't miss any events from the event logs?

Did you try unticking and reticking the "Enabled remote desktop on this server" option in the "remote" tab of system properties dialogue box then restart the server?  Sometimes even it is showing the remote desktop is enabled, but in fact it is not.

There is also a not so related thought but worthing checking, is the boot.ini modified in anyway?  No boot parameters added after the system was deployed?

Author

Commented:
Thanks for your help......

No events in the system or app logs show any errors about term services. In fact teh system and app log are clen of errors for the servers. Just informational events from restarts and some perflib warnings

I tried the enable re-enable trick within the remote tab with no luck. Even with a reboot.

Boot.ini is clean of any switches.

Looks like my next step is to go stump microsoft. :-)

Commented:
I guess so, but please report back with any findings from Microsoft once you get it sorted as it would be beneficial to all of us.

Author

Commented:
Will do.
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.