[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 959
  • Last Modified:

External Remote Desktop Issue with Microsoft Server 2008

I am trying to RDP into my Microsoft Server Standard 2008 externally, I have the port forwarded in the router to its IP address and there is no firewall. The remote settings are set to allow all connections on the server; however, when I try to connect it states that I cannot connect to the designated computer and gives me the usual reasons such as it could be turned off or the firewall could be turned on etc.. I really don't know where else to change any settings, if anybody could help me out I would greatly appreciate it. Thanks!
0
TechGuy_007
Asked:
TechGuy_007
  • 12
  • 8
  • 3
  • +4
1 Solution
 
m_walkerCommented:
I assume rdp has been testing inside your network and all is well.

When you connect from outside are you using a hostname, fqdn or IP address.
if you use a hostname (no domain bit) you might have trouble finding it.
if you use an fqdn eg : rdp.my.com have you check its giving the correct IP Address.

If you have not tried this yet, try just the ip address.
0
 
FastFngrzCommented:
On the server itself, go to a command prompt (run as administrator often helps) and type
Netstat -an | find ":3389"

If it comes back with a 'listening' line, the rdp services are running and the problem is likely with a windows firewall or networking, if not, then rdp isn't enabled on the server and needs to be turned on under control panel-system-advanced settings-remote

So, is port 3389 open and listening?
















0
 
TechGuy_007Author Commented:
Yes, I am connecting with the external IP address and I ran the netstat and it is open and listening
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
m_walkerCommented:
Under the RDP system properties

try "Allow connections from computers running any version of rdp"
0
 
TechGuy_007Author Commented:
Yes that is already checked
0
 
Radhakrishnan RITCommented:
Check the windows firewall, make sure that it's disabled.
0
 
TechGuy_007Author Commented:
Windows firewall is off still no go
0
 
m_walkerCommented:
Any hint in the server logs ?
0
 
Radhakrishnan RITCommented:
From the client, Check the registry key HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\control\Terminlserver\fDenyTSConnections, If the value is 0 then make it 1.

From the server system properties>>Remote>>Allow users to connect remotely to this computer>make sure that the tick mark also check the Select remote users list your name listed or not.

Hope this will help you to resolve the issue.

0
 
FastFngrzCommented:
Try from a workstation inside the network (in fact, you can even RDP to itself if you are physically on the console).

If that works, then it's a perimeter firewall NAT issue.  If not, then something is still is blocking the packets (is there another firewall product installed on the box?)
0
 
TechGuy_007Author Commented:
in the registry I do not see the fDenyTSConnections there is only under
HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\control\Terminlserver\

AddIns
ConnectionHandler
DefaultUserConfiguration
KeyboardType Mapping
RCM
SessionArbitrationHelper
SysProcs
TerminalTypes
Utilities
VIDEO
Wds
WinStations

and I can RDP from inside the network
0
 
TechGuy_007Author Commented:
If it helps the router is a Linksys WRT54G
0
 
Aaron TomoskyTechnology ConsultantCommented:
Any chance you are trying to login as a user with no password?
0
 
TechGuy_007Author Commented:
I have tried with and without a user and still no luck
0
 
Aaron TomoskyTechnology ConsultantCommented:
Just to clarify, from on the LAN you can connect to the server? Use that same exact user and password from out on the Internet and it doesn't work?
0
 
TechGuy_007Author Commented:
I can access the server from the LAN side; however, I cannot connect to the server externally. I get the error

Remote Desktop can't connect to the remote computer for one of these reasons

1) Remote access to the server is not enabled
2) The remote computer is turned off
3) The remote computer is not available on the network

Make sure the remote computer is turned on and connected to the network, and that remote access is enabled.
0
 
TechGuy_007Author Commented:
The port forwarding has been all set and is enabled and I even disabled the firewall service and it still will not connect I reset the server and the router and it still will not connect
0
 
m_walkerCommented:
I think its time to get the network sniffer out and see if the connection request (syn packet) is makeing to the server.  If it is then the inbound rules are ok.  If the server sends back a SYN ACK then you know the server got it and replied.  By running the sniffer on the remote computer as well you should see the SYN ACK make it all the way back.  If the inside sniffer sees a SYN ACK but the remote computer did not, then you have an outbound issue on your router/firewall, or a routing issue.  

Is your server pointing to the the router/firewall as its default gateway.  Can you surf to a web page from the server?
0
 
TechGuy_007Author Commented:
what network sniffer do you recommend?
0
 
TechGuy_007Author Commented:
and yes it is pointing to the router as the default gateway and I can access the web via browser from the server
0
 
NivleshCommented:
do you have two network cards on the server? one for internal network and one for outside?
0
 
Ashok DewanCommented:
scan your port 3389 by externely use this iste http://t1shopper.com  se if it is responding from outside or not. i know it is responding but see from out side
0
 
TechGuy_007Author Commented:
it says that it isn't responding
0
 
m_walkerCommented:
If the test is responding then the rdp must not want to allow the connection for some reason.

From memory, windows server allows a limited number of remote connections (I think it was 5 for admin).  Depending on how the server is setup these 5 can get locked to IP addresses or concurrent users (in 2003 it was Server Side CALs v Client Side CALs under the server lic.).

As such two things now come to mind.
1. You already have 5 active connections (still active even though you are not connected) so when you connect from out side it sees a differnet IP (not connected) and says know.  But when you connect inside it says. yep an active session and reconnects.

OR

2. All 5 IPs have been used and cant have any more and you can only connect from those 5 IP Addresses (I know 2003 did this).

Log onto the server and using the rdp manager (should be under admin menu) and see if there are any connected session and clean up.

0
 
TechGuy_007Author Commented:
there is no connections showing in the Terminal Services Manager window, besides my current session
0
 
m_walkerCommented:
from a remote site can you try running the rdp client like this...

start->run : mstsc.exe /admin
and if that does not work
start->run : mstsc.exe /console

0
 
NivleshCommented:
I am thinking it could be your router. Do you have any other port forwarding enabled on it? This will prove that its not the router. Is it updated with the latest firmware?
0
 
FastFngrzCommented:
The problem is in your router - 95% says you don't have port forwarding properly set.  Can you share a screen shot (public IP's obscured of course) where you set that forward?  It's not anything with the server because LAN connections work.
0
 
m_walkerCommented:
Just found this while looking for something else (I cant check atm, so it could be a double up on something already tried).

See what happens if you turn off NLA (Network level authentication) on the R2 server in RDP-tcp properties General Tab in RD Session HOst COnfigurtation tool (right click on RDP-tcp, pick Properties..)

0
 
m_walkerCommented:
Also have a look at this : http://technet.microsoft.com/en-us/library/ff393708(WS.10).aspx

One thing that jumped out at a quick look

Prompt for credentials on clientUpdated: February 4, 2010

Applies To: Windows Server 2008

This setting determines whether or not Remote Desktop Connection (RDC) prompts for credentials when connecting to a server that does not support server authentication

The deafult was not to prompt.  So if the clinet side settings has this set, but cant do a "server auth" while off site, it may just give up....
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 12
  • 8
  • 3
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now