Terminal services on windows 2003 Enterprise

Posted on 2011-09-09
Medium Priority
Last Modified: 2012-05-12
The Problem is as follows:
I created a new windows server 2003 Enterprise server domain controller
the server has 2 nics
one is configured for intranet the other connects to my router.  My router points the 3389 port to the server, how ever the server doesn't pickup the terminal services request. what neds to be configured on windows server 2003 for the RDP to work via the internet side nic,  note the intranet side rdp works just fine.

Question by:Steve Samson
  • 2

Expert Comment

ID: 36515087
You are not able to remote in from the internet side because your firewall is blocking incoming internet traffic. You need to create an exception for 3389 in your firewall and allow internet sources. Your firewall will let local traffic through by default which is why you have intranet access. Are you using Windows Firewall?

Expert Comment

ID: 36515240
NOTE: And a MAJOR one at That.  Unless you're using something ISA server on the DC, it's hugely bad practice to:
1. Expose your DC to the internet
2. Multihome a domain controller

This does seem to be a common example in SBS based installations with the remote workplace function.  I cringe at this concept, but if using ISA server firewall, it's not sooo bad.

Another thought, typically when multihoming a DC, you have to try to make sure that services are only bound to ONE of the interfaces.  Otherwise, it'll list the outside interface potentially for many services, including A records, and the outside interface generally isn't reachable by your inside clients.  The most problematic of this is the A record for the DC, and the A record(SAME AS PARENT) for the domain.  When a client queries for your domain A record, such as mycompany.local, it'll get two results, one of which is not reachable--bottom line, causing a 50% failure rate on initial lookups.  Same goes if you attempt to connect to the DOMAIN's NETLOGON/SYSVOL share instead of a specific DC's netlogon/sysvol share.

Accepted Solution

Steve Samson earned 0 total points
ID: 36522832
I found the Problem, it as in the routing utility on server 2003, you need to set the routing for the internet side card to listen for the port 3389 and open it up for access.  This is set by default on the intranet side when you  run the connect to the internet utility for server 2003.

Author Closing Comment

by:Steve Samson
ID: 36553443
I hope that server 2008 is easyer to work with.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question