Can not login to server in DMZ remotely

Dear expert,

I have problem, the server located in DMZ. And the server have joined to a domain (using AD WS2003).
but, when I try to access remotely using account domain, pop up error like picture attached.
But, I successfully  to access remotely using account local. I already add group to allow access the server using remote desktop.
Any idea?

thank you

error.JPG
davidsatAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
davidsatConnect With a Mentor Author Commented:
Dear All,

Just confirm,

LDAP
tcp 389
udp 389

LDAPS
tcp 636
udp 636

DNS
tcp 53
udp 53

Kerberos
tcp 88
udp 88

SMB
tcp 445
udp 445

GC
tcp 3269

RDP
tcp 3389
udp 3389

Any other port that must opened?

Thanks
0
 
zsaurabhCommented:
try to added in Local administrator and then RDP (just for testing)
0
 
vickzzCommented:
First of all check your connection between DMZ And Domain Controllers in Internal network because if your TS is not able to fetch profile or settings from AD you may see this error.
Connection means all required ports should be opened.
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
davidsatAuthor Commented:
Dear All,

I am trying to query/scanning the port between DC and remote server.
Many port are filtered out.

I will escalated this to network team.

Thank you
0
 
vickzzCommented:
Yes. That is the most probable cause of the issue because your TS is unable to load profile settings.
0
 
davidsatAuthor Commented:
Dear All,

attached the result using portquery.
i already open the protocol kerberos, dns, gc,ldap, smb, and rdp. But still can not access the server.


any idea?

thanks
port-query.txt
0
 
vickzzCommented:

 Starting portqry.exe -n 172.30.129.41 -e 139 -p TCP ...

Querying target system called:
 172.30.129.41
Attempting to resolve IP address to a name...

IP address resolved to servername.domainname.com
querying...
TCP port 139 (netbios-ssn service): FILTERED
portqry.exe -n 172.30.129.41 -e 139 -p TCP exits with return code 0x00000002.

Open TCP Port 139 as well and test.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.