Solved

sbs 2008 remote desktop to a client computer

Posted on 2011-02-21
8
945 Views
Last Modified: 2012-05-11
SBS 2008 network with 25 XP Pro computers, Cisco PIX Firewall/VPN.  When I'm in the network I can RDP to any workstation and to the server no problem.  When I'm outside the network and VPN into the network I can't RDP to any workstation.  I can RDP to the server, but can't RDP to any workstation.   I have tried RDP using the machinename.domain.local and also by the IP address of the machine with no difference.  Also, as a side note I can ping the machinename.domain.local.  If I take an XP machine out of the domain I can RDP to the machine no problem.  I have had this VPN installed for several years and had no problems until I installed the SBS 2008 server and joined the machines to this new domain.

Really hope someone can give me insight into this problem.  Thanks in advance for any help.
0
Comment
Question by:tparrett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 10

Expert Comment

by:jayasanker
ID: 34948268
HI Do you have any firewall policy blocking VPN to LAN Traffic??

pls verify that,

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080093f6c.shtml
0
 

Author Comment

by:tparrett
ID: 34948354
I don't have any firewall policies block VPN to LAN Traffic.  If I remove the machine from the domain I can RDP to it with no problems.
0
 
LVL 10

Expert Comment

by:jayasanker
ID: 34948544
Let me know one thing, i believe you can RDP in to SBS Server, open sbs console, then click network icon> does your computer's listed there?? if so right click on computers and click connect to a computer using terminal services!!

Is that successful??

Thx
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:tparrett
ID: 34948656
Yes - from the server I can connect to any computer.  I think this is because the server is in the same network address though.
0
 
LVL 2

Expert Comment

by:BITCooler
ID: 34949295
Here's a couple of things to check:

1) Users of the SBS domain that need to connect remotely should be added to the Mobile Users security group to have access permissions.

2) Check your VPN connection when you remote in and make sure your connection says "local and internet".  If your VPN connection is local only, then your VPN connection may not be working properly.
0
 
LVL 1

Accepted Solution

by:
Adi-IT-Works earned 500 total points
ID: 34949361
It sounds like it's the local firewall on your clients - SBS 08 throws in AD Policies that will only allow RDP access from the local subnet. That explains how you can RDP into that machine when you take it out of the domain.

Disable windows firewall service and try to connect from outside to verify.
0
 

Author Comment

by:tparrett
ID: 34953925
ADI-IT-Works - - I think you are on to something.  Going to the firewall on the machine I'm not able to turn it off.  Looked at the exceptions and RDP was listed, but only for the localsubnet.  Ran down this article that helped me make the change in the GPO on the server and I'm good to go now.  

http://www.petenetlive.com/KB/Article/0000193.htm

Thanks!
0
 
LVL 1

Expert Comment

by:Adi-IT-Works
ID: 34965123
Right on, glad you got it!

FYI - yes the SBS AD policy will enable firewall policy and gray it out on the client so you can't tweak there, but you can always disable Windows Firewall service in Services applett, temporarily while troubleshooting. ;)
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question