Solved

Terminal services on windows 2003 Enterprise

Posted on 2011-09-09
4
224 Views
Last Modified: 2012-05-12
The Problem is as follows:
I created a new windows server 2003 Enterprise server domain controller
the server has 2 nics
one is configured for intranet the other connects to my router.  My router points the 3389 port to the server, how ever the server doesn't pickup the terminal services request. what neds to be configured on windows server 2003 for the RDP to work via the internet side nic,  note the intranet side rdp works just fine.

Help!
0
Comment
Question by:Steve Samson
  • 2
4 Comments
 
LVL 1

Expert Comment

by:joebot
ID: 36515087
Hello,
You are not able to remote in from the internet side because your firewall is blocking incoming internet traffic. You need to create an exception for 3389 in your firewall and allow internet sources. Your firewall will let local traffic through by default which is why you have intranet access. Are you using Windows Firewall?
0
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36515240
NOTE: And a MAJOR one at That.  Unless you're using something ISA server on the DC, it's hugely bad practice to:
1. Expose your DC to the internet
2. Multihome a domain controller


This does seem to be a common example in SBS based installations with the remote workplace function.  I cringe at this concept, but if using ISA server firewall, it's not sooo bad.

Another thought, typically when multihoming a DC, you have to try to make sure that services are only bound to ONE of the interfaces.  Otherwise, it'll list the outside interface potentially for many services, including A records, and the outside interface generally isn't reachable by your inside clients.  The most problematic of this is the A record for the DC, and the A record(SAME AS PARENT) for the domain.  When a client queries for your domain A record, such as mycompany.local, it'll get two results, one of which is not reachable--bottom line, causing a 50% failure rate on initial lookups.  Same goes if you attempt to connect to the DOMAIN's NETLOGON/SYSVOL share instead of a specific DC's netlogon/sysvol share.
0
 

Accepted Solution

by:
Steve Samson earned 0 total points
ID: 36522832
I found the Problem, it as in the routing utility on server 2003, you need to set the routing for the internet side card to listen for the port 3389 and open it up for access.  This is set by default on the intranet side when you  run the connect to the internet utility for server 2003.
0
 

Author Closing Comment

by:Steve Samson
ID: 36553443
I hope that server 2008 is easyer to work with.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question