Solved

External Remote Desktop Issue with Microsoft Server 2008

Posted on 2011-03-23
31
951 Views
Last Modified: 2012-05-11
I am trying to RDP into my Microsoft Server Standard 2008 externally, I have the port forwarded in the router to its IP address and there is no firewall. The remote settings are set to allow all connections on the server; however, when I try to connect it states that I cannot connect to the designated computer and gives me the usual reasons such as it could be turned off or the firewall could be turned on etc.. I really don't know where else to change any settings, if anybody could help me out I would greatly appreciate it. Thanks!
0
Comment
Question by:TechGuy_007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 8
  • 3
  • +4
31 Comments
 
LVL 4

Expert Comment

by:m_walker
ID: 35204275
I assume rdp has been testing inside your network and all is well.

When you connect from outside are you using a hostname, fqdn or IP address.
if you use a hostname (no domain bit) you might have trouble finding it.
if you use an fqdn eg : rdp.my.com have you check its giving the correct IP Address.

If you have not tried this yet, try just the ip address.
0
 
LVL 11

Expert Comment

by:FastFngrz
ID: 35204277
On the server itself, go to a command prompt (run as administrator often helps) and type
Netstat -an | find ":3389"

If it comes back with a 'listening' line, the rdp services are running and the problem is likely with a windows firewall or networking, if not, then rdp isn't enabled on the server and needs to be turned on under control panel-system-advanced settings-remote

So, is port 3389 open and listening?
















0
 

Author Comment

by:TechGuy_007
ID: 35204285
Yes, I am connecting with the external IP address and I ran the netstat and it is open and listening
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 4

Expert Comment

by:m_walker
ID: 35204310
Under the RDP system properties

try "Allow connections from computers running any version of rdp"
0
 

Author Comment

by:TechGuy_007
ID: 35204349
Yes that is already checked
0
 
LVL 21

Expert Comment

by:Radhakrishnan R
ID: 35204366
Check the windows firewall, make sure that it's disabled.
0
 

Author Comment

by:TechGuy_007
ID: 35204373
Windows firewall is off still no go
0
 
LVL 4

Accepted Solution

by:
m_walker earned 500 total points
ID: 35204385
Any hint in the server logs ?
0
 
LVL 21

Expert Comment

by:Radhakrishnan R
ID: 35204392
From the client, Check the registry key HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\control\Terminlserver\fDenyTSConnections, If the value is 0 then make it 1.

From the server system properties>>Remote>>Allow users to connect remotely to this computer>make sure that the tick mark also check the Select remote users list your name listed or not.

Hope this will help you to resolve the issue.

0
 
LVL 11

Expert Comment

by:FastFngrz
ID: 35204393
Try from a workstation inside the network (in fact, you can even RDP to itself if you are physically on the console).

If that works, then it's a perimeter firewall NAT issue.  If not, then something is still is blocking the packets (is there another firewall product installed on the box?)
0
 

Author Comment

by:TechGuy_007
ID: 35204428
in the registry I do not see the fDenyTSConnections there is only under
HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\control\Terminlserver\

AddIns
ConnectionHandler
DefaultUserConfiguration
KeyboardType Mapping
RCM
SessionArbitrationHelper
SysProcs
TerminalTypes
Utilities
VIDEO
Wds
WinStations

and I can RDP from inside the network
0
 

Author Comment

by:TechGuy_007
ID: 35204431
If it helps the router is a Linksys WRT54G
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 35204503
Any chance you are trying to login as a user with no password?
0
 

Author Comment

by:TechGuy_007
ID: 35204540
I have tried with and without a user and still no luck
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 35204545
Just to clarify, from on the LAN you can connect to the server? Use that same exact user and password from out on the Internet and it doesn't work?
0
 

Author Comment

by:TechGuy_007
ID: 35204555
I can access the server from the LAN side; however, I cannot connect to the server externally. I get the error

Remote Desktop can't connect to the remote computer for one of these reasons

1) Remote access to the server is not enabled
2) The remote computer is turned off
3) The remote computer is not available on the network

Make sure the remote computer is turned on and connected to the network, and that remote access is enabled.
0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35204610
0
 

Author Comment

by:TechGuy_007
ID: 35204648
The port forwarding has been all set and is enabled and I even disabled the firewall service and it still will not connect I reset the server and the router and it still will not connect
0
 
LVL 4

Expert Comment

by:m_walker
ID: 35204659
I think its time to get the network sniffer out and see if the connection request (syn packet) is makeing to the server.  If it is then the inbound rules are ok.  If the server sends back a SYN ACK then you know the server got it and replied.  By running the sniffer on the remote computer as well you should see the SYN ACK make it all the way back.  If the inside sniffer sees a SYN ACK but the remote computer did not, then you have an outbound issue on your router/firewall, or a routing issue.  

Is your server pointing to the the router/firewall as its default gateway.  Can you surf to a web page from the server?
0
 

Author Comment

by:TechGuy_007
ID: 35204691
what network sniffer do you recommend?
0
 

Author Comment

by:TechGuy_007
ID: 35204695
and yes it is pointing to the router as the default gateway and I can access the web via browser from the server
0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35204712
do you have two network cards on the server? one for internal network and one for outside?
0
 
LVL 9

Expert Comment

by:Ashok Dewan
ID: 35204714
scan your port 3389 by externely use this iste http://t1shopper.com  se if it is responding from outside or not. i know it is responding but see from out side
0
 

Author Comment

by:TechGuy_007
ID: 35204732
it says that it isn't responding
0
 
LVL 4

Expert Comment

by:m_walker
ID: 35204838
If the test is responding then the rdp must not want to allow the connection for some reason.

From memory, windows server allows a limited number of remote connections (I think it was 5 for admin).  Depending on how the server is setup these 5 can get locked to IP addresses or concurrent users (in 2003 it was Server Side CALs v Client Side CALs under the server lic.).

As such two things now come to mind.
1. You already have 5 active connections (still active even though you are not connected) so when you connect from out side it sees a differnet IP (not connected) and says know.  But when you connect inside it says. yep an active session and reconnects.

OR

2. All 5 IPs have been used and cant have any more and you can only connect from those 5 IP Addresses (I know 2003 did this).

Log onto the server and using the rdp manager (should be under admin menu) and see if there are any connected session and clean up.

0
 

Author Comment

by:TechGuy_007
ID: 35204915
there is no connections showing in the Terminal Services Manager window, besides my current session
0
 
LVL 4

Expert Comment

by:m_walker
ID: 35205224
from a remote site can you try running the rdp client like this...

start->run : mstsc.exe /admin
and if that does not work
start->run : mstsc.exe /console

0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35205567
I am thinking it could be your router. Do you have any other port forwarding enabled on it? This will prove that its not the router. Is it updated with the latest firmware?
0
 
LVL 11

Expert Comment

by:FastFngrz
ID: 35206273
The problem is in your router - 95% says you don't have port forwarding properly set.  Can you share a screen shot (public IP's obscured of course) where you set that forward?  It's not anything with the server because LAN connections work.
0
 
LVL 4

Expert Comment

by:m_walker
ID: 35214079
Just found this while looking for something else (I cant check atm, so it could be a double up on something already tried).

See what happens if you turn off NLA (Network level authentication) on the R2 server in RDP-tcp properties General Tab in RD Session HOst COnfigurtation tool (right click on RDP-tcp, pick Properties..)

0
 
LVL 4

Expert Comment

by:m_walker
ID: 35214136
Also have a look at this : http://technet.microsoft.com/en-us/library/ff393708(WS.10).aspx

One thing that jumped out at a quick look

Prompt for credentials on clientUpdated: February 4, 2010

Applies To: Windows Server 2008

This setting determines whether or not Remote Desktop Connection (RDC) prompts for credentials when connecting to a server that does not support server authentication

The deafult was not to prompt.  So if the clinet side settings has this set, but cant do a "server auth" while off site, it may just give up....
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question