Solved

Can not login to server in DMZ remotely

Posted on 2010-08-23
7
433 Views
Last Modified: 2013-11-21
Dear expert,

I have problem, the server located in DMZ. And the server have joined to a domain (using AD WS2003).
but, when I try to access remotely using account domain, pop up error like picture attached.
But, I successfully  to access remotely using account local. I already add group to allow access the server using remote desktop.
Any idea?

thank you

error.JPG
0
Comment
Question by:davidsat
  • 3
  • 3
7 Comments
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33500142
try to added in Local administrator and then RDP (just for testing)
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33500158
First of all check your connection between DMZ And Domain Controllers in Internal network because if your TS is not able to fetch profile or settings from AD you may see this error.
Connection means all required ports should be opened.
0
 

Author Comment

by:davidsat
ID: 33500743
Dear All,

I am trying to query/scanning the port between DC and remote server.
Many port are filtered out.

I will escalated this to network team.

Thank you
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 4

Expert Comment

by:vickzz
ID: 33501205
Yes. That is the most probable cause of the issue because your TS is unable to load profile settings.
0
 

Accepted Solution

by:
davidsat earned 0 total points
ID: 33507488
Dear All,

Just confirm,

LDAP
tcp 389
udp 389

LDAPS
tcp 636
udp 636

DNS
tcp 53
udp 53

Kerberos
tcp 88
udp 88

SMB
tcp 445
udp 445

GC
tcp 3269

RDP
tcp 3389
udp 3389

Any other port that must opened?

Thanks
0
 

Author Comment

by:davidsat
ID: 33508005
Dear All,

attached the result using portquery.
i already open the protocol kerberos, dns, gc,ldap, smb, and rdp. But still can not access the server.


any idea?

thanks
port-query.txt
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33612377

 Starting portqry.exe -n 172.30.129.41 -e 139 -p TCP ...

Querying target system called:
 172.30.129.41
Attempting to resolve IP address to a name...

IP address resolved to servername.domainname.com
querying...
TCP port 139 (netbios-ssn service): FILTERED
portqry.exe -n 172.30.129.41 -e 139 -p TCP exits with return code 0x00000002.

Open TCP Port 139 as well and test.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now