Solved

Cannot log in to server in DMZ remotely

Posted on 2010-08-23
Last Modified: 2013-11-21
Dear expert,

I have a problem: the server is located in the DMZ, and it has joined a domain (using AD WS2003).
But when I try to access it remotely using a domain account, an error pops up like the attached picture.
However, I can successfully access it remotely using a local account. I have already added the group to allow access to the server using Remote Desktop.
Any idea?

Thank you

error.JPG
0
Question by:davidsat
7 Comments
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33500142
Try adding it to Local Administrators and then RDP (just for testing).
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33500158
First of all, check the connection between the DMZ and the domain controllers in the internal network, because if your TS is not able to fetch profile or settings from AD you may see this error.
Connection means all required ports should be opened.
0
 

Author Comment

by:davidsat
ID: 33500743
Dear All,

I am trying to query/scan the ports between the DC and the remote server.
Many ports are filtered out.

I will escalate this to the network team.

Thank you
0
LVL 4

Expert Comment

by:vickzz
ID: 33501205
Yes. That is the most probable cause of the issue because your TS is unable to load profile settings.
0
 

Accepted Solution

by:
davidsat earned 0 total points
ID: 33507488
Dear All,

Just to confirm,

LDAP
tcp 389
udp 389

LDAPS
tcp 636
udp 636

DNS
tcp 53
udp 53

Kerberos
tcp 88
udp 88

SMB
tcp 445
udp 445

GC
tcp 3269

RDP
tcp 3389
udp 3389

Are there any other ports that must be opened?

Thanks
0
 

Author Comment

by:davidsat
ID: 33508005
Dear All,

Attached is the result using portquery.
I have already opened the protocols Kerberos, DNS, GC, LDAP, SMB, and RDP, but I still cannot access the server.


Any idea?

thanks
port-query.txt
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33612377

 Starting portqry.exe -n 172.30.129.41 -e 139 -p TCP ...

Querying target system called:
 172.30.129.41
Attempting to resolve IP address to a name...

IP address resolved to servername.domainname.com
querying...
TCP port 139 (netbios-ssn service): FILTERED
portqry.exe -n 172.30.129.41 -e 139 -p TCP exits with return code 0x00000002.

Open TCP Port 139 as well and test.
0
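
Added example, not part of the original thread or any poster's code: a small Python script that reads a saved PortQry log such as the attached port-query.txt and sorts the ports named in the thread by result, so the FILTERED ones can be handed to the network team. The sample log is constructed (only the TCP 139 line comes from the thread), and the names THREAD_PORTS, parse_portqry and classify are chosen for this example.

```python
import re

# Ports as listed in the thread (the asker's list plus TCP 139 from the last reply).
THREAD_PORTS = {"TCP": [389, 636, 53, 88, 445, 3269, 3389, 139],
                "UDP": [389, 636, 53, 88, 445, 3389]}

# One PortQry result line, e.g. "TCP port 139 (netbios-ssn service): FILTERED".
RESULT = re.compile(
    r"^(TCP|UDP) port (\d+) \([^)]*\):\s*"
    r"(LISTENING or FILTERED|NOT LISTENING|LISTENING|FILTERED)\s*$",
    re.MULTILINE)

# PortQry status -> bucket. FILTERED means no reply came back at all, which is
# what a firewall drop between the DMZ and the internal network looks like.
BUCKET = {"LISTENING": "open", "NOT LISTENING": "closed", "FILTERED": "filtered",
          "LISTENING or FILTERED": "ambiguous", None: "untested"}

def parse_portqry(text):
    """Return {(proto, port): status}; a later line for the same port wins."""
    return {(m.group(1), int(m.group(2))): m.group(3)
            for m in RESULT.finditer(text)}

def classify(text, wanted=THREAD_PORTS):
    """Sort every wanted port into a bucket according to the log."""
    seen = parse_portqry(text)
    report = {name: [] for name in BUCKET.values()}
    for proto, ports in wanted.items():
        for port in ports:
            report[BUCKET[seen.get((proto, port))]].append((proto, port))
    return report

# Constructed sample log; only the TCP 139 line is taken from the thread.
SAMPLE = """\
TCP port 389 (ldap service): LISTENING
TCP port 88 (kerberos service): LISTENING
UDP port 88 (kerberos service): LISTENING or FILTERED
TCP port 445 (microsoft-ds service): NOT LISTENING
TCP port 139 (netbios-ssn service): FILTERED
portqry.exe -n 172.30.129.41 -e 139 -p TCP exits with return code 0x00000002.
"""

if __name__ == "__main__":
    for bucket, ports in classify(SAMPLE).items():
        print(f"{bucket:10}", ", ".join(f"{p}/{n}" for p, n in ports) or "-")
```

Ports that land in "untested" were never queried in the log, so they still need a PortQry run before anything is concluded about them.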


Question has a verified solution.
