Solved

Can not login to server in DMZ remotely

Posted on 2010-08-23
7
436 Views
Last Modified: 2013-11-21
Dear expert,

I have problem, the server located in DMZ. And the server have joined to a domain (using AD WS2003).
but, when I try to access remotely using account domain, pop up error like picture attached.
But, I successfully  to access remotely using account local. I already add group to allow access the server using remote desktop.
Any idea?

thank you

error.JPG
0
Comment
Question by:davidsat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33500142
try to added in Local administrator and then RDP (just for testing)
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33500158
First of all check your connection between DMZ And Domain Controllers in Internal network because if your TS is not able to fetch profile or settings from AD you may see this error.
Connection means all required ports should be opened.
0
 

Author Comment

by:davidsat
ID: 33500743
Dear All,

I am trying to query/scanning the port between DC and remote server.
Many port are filtered out.

I will escalated this to network team.

Thank you
0
Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

 
LVL 4

Expert Comment

by:vickzz
ID: 33501205
Yes. That is the most probable cause of the issue because your TS is unable to load profile settings.
0
 

Accepted Solution

by:
davidsat earned 0 total points
ID: 33507488
Dear All,

Just confirm,

LDAP
tcp 389
udp 389

LDAPS
tcp 636
udp 636

DNS
tcp 53
udp 53

Kerberos
tcp 88
udp 88

SMB
tcp 445
udp 445

GC
tcp 3269

RDP
tcp 3389
udp 3389

Any other port that must opened?

Thanks
0
 

Author Comment

by:davidsat
ID: 33508005
Dear All,

attached the result using portquery.
i already open the protocol kerberos, dns, gc,ldap, smb, and rdp. But still can not access the server.


any idea?

thanks
port-query.txt
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33612377

 Starting portqry.exe -n 172.30.129.41 -e 139 -p TCP ...

Querying target system called:
 172.30.129.41
Attempting to resolve IP address to a name...

IP address resolved to servername.domainname.com
querying...
TCP port 139 (netbios-ssn service): FILTERED
portqry.exe -n 172.30.129.41 -e 139 -p TCP exits with return code 0x00000002.

Open TCP Port 139 as well and test.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is my 3rd article on SCCM in recent weeks, the 1st (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html) dealing with installat…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question