Up2DateTech
asked on
Port forward to SBS 2008 for RDP
Hello Everyone
I have a SBS 2008 & a Windows 2008 TS box on a network,
I have 3399 port forwarded to the TS box.
I want to do external 3388 to internal 3389 to the SBS 2008 box. for remote access. But it's not working. any ideas ?
I have a SBS 2008 & a Windows 2008 TS box on a network,
I have 3399 port forwarded to the TS box.
I want to do external 3388 to internal 3389 to the SBS 2008 box. for remote access. But it's not working. any ideas ?
ASKER
correct
1 - try normal 3389 and confirm working.
2 - try another port perhaps 3380 - often the ports work in pairs and 3388 will be using 3389 also.
3 - what router are you using?
2 - try another port perhaps 3380 - often the ports work in pairs and 3388 will be using 3389 also.
3 - what router are you using?
ASKER
just changed external to 3387 to test didn't work either
ASKER
i can;t change the port forward 3389 people are using it to get to the TS box. Plus i'm not on site so if it doesn't work i'll loose connection.
It's a TP-Link
It's a TP-Link
ASKER
changed to 3380 no go.
I can access the server via 3389 in the network fine.
also all other PF are working, ie 25, 80, 443, 1723, 987
I can access the server via 3389 in the network fine.
also all other PF are working, ie 25, 80, 443, 1723, 987
just change the port on the sbs to 3388 and port forward the router 3388 to the sbs.
run regedit
HKEY_LOCAL_MACHINE\System\ CurrentCon trolSet\Co ntrol\Term inal Server\WinStations\RDP-Tcp
change portnumber to 3388 (decimal)
when you have to RDP use IPADDRESS:3388
run regedit
HKEY_LOCAL_MACHINE\System\
change portnumber to 3388 (decimal)
when you have to RDP use IPADDRESS:3388
ASKER
Thanks Thethical i really would like to not have to change that. The port forward should work.
only thing i can think of is the sbs 2008 firewall is blocking it somehow but i cant find anything on it to indicate it is.
only thing i can think of is the sbs 2008 firewall is blocking it somehow but i cant find anything on it to indicate it is.
What is your external router? And how have you setup the port forward?
ASKER
TP-Link TD-8840
Server Name External Port Start External Port End Protocol Internal Port Start Internal Port End Server IP Address Remove
Mail (SMTP) 25 25 TCP 25 25 172.16.4.250
Web Server (HTTP) 80 80 TCP 80 80 172.16.4.250
PPTP 1723 1723 TCP 1723 1723 172.16.4.250
TS RemoteServer 3389 3389 TCP 3389 3389 172.16.4.10
Secure Web Server (HTTPS) 443 443 TCP 443 443 172.16.4.250
server 987 987 TCP 987 987 172.16.4.250
server 3380 3380 TCP/UDP 3389 3389 172.16.4.250
Server Name External Port Start External Port End Protocol Internal Port Start Internal Port End Server IP Address Remove
Mail (SMTP) 25 25 TCP 25 25 172.16.4.250
Web Server (HTTP) 80 80 TCP 80 80 172.16.4.250
PPTP 1723 1723 TCP 1723 1723 172.16.4.250
TS RemoteServer 3389 3389 TCP 3389 3389 172.16.4.10
Secure Web Server (HTTPS) 443 443 TCP 443 443 172.16.4.250
server 987 987 TCP 987 987 172.16.4.250
server 3380 3380 TCP/UDP 3389 3389 172.16.4.250
ASKER
i can't be a router issue all the other port forwards are working no problems
i have tested creating a new one 2500 to 25 worked.
i have tested creating a new one 2500 to 25 worked.
ASKER
tested 3387 to the windows 2008 box worked.
Sorry, I'm not overly familiar with SBS 2008, but does it have a similar "Windows Firewall with Advanced Security" applet to 2008?
If so, you may have to check the Edge Traversal settings on the "Remote Desktop (TCP-in)" Inbound Rules.
If so, you may have to check the Edge Traversal settings on the "Remote Desktop (TCP-in)" Inbound Rules.
ASKER
the Edge Traversal settings was off. I turned it on still no go
If your using SBS 2008, and the 2008 TS is on the network, why not just goto RWW, login, and access it from there? Providing your the admin of the SBS, you can give yourself and the other users access direclty from RWW.
If this is not the way your wanting to access the server, then change the RDP listening port of the 2008 TS from 3389 to 3390 or something like that as another user posted. Open up that port on your firewall and make sure it is forwarded to the 2008 server. You then access the TS2008 from RDP in EXTERNALIP:3390 Also, make sure you have opened up this port in the SBS 08 and the TS 2008 firewall if it is on, by default it is turned on in the SBS 2008 GPO.
If this is not the way your wanting to access the server, then change the RDP listening port of the 2008 TS from 3389 to 3390 or something like that as another user posted. Open up that port on your firewall and make sure it is forwarded to the 2008 server. You then access the TS2008 from RDP in EXTERNALIP:3390 Also, make sure you have opened up this port in the SBS 08 and the TS 2008 firewall if it is on, by default it is turned on in the SBS 2008 GPO.
Remote web Workplace is a good option but if you want direct access using RDP, SBS 2008 has a new feature called TS gateway. With this you can use the remote desktop client (RDP) to connect directly to any computer on your network to which you have permissions, using the standard RDP client. You do not need to do any port forwarding so long as you have set up the default 443 and 987 SBS ports, and the RDP client will automatically connect using port 443 which is more secure as it uses SSL. The only difference is you have to add the name of the TS gateway computer (the SBS) in the RDP client. Then just enter the TS name or computer name to which you want to connect the same as you would on a LAN with the RDP client. See the following link. The TS gateway notes are contained in the description of the last 3 images:
http://blogs.technet.com/b/sbs/archive/2009/06/25/sbs-2008-introduction-to-remote-web-workplace.aspx
http://blogs.technet.com/b/sbs/archive/2009/06/25/sbs-2008-introduction-to-remote-web-workplace.aspx
maybe a non-issue but thought I'd ask.... do you have a dsl/cable modem in front of your router that may need the additional port opened and forwarded to your router?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
? and specifying 3388?