Solved

Clear test to see if VPN / RDP working

Posted on 2011-09-29
7
579 Views
Last Modified: 2012-05-12
The boss travels a lot. USA, Europe, etc. Often he cannot connect to our Windows server and his Windows XP box via VPN/RDP from his Windows XP laptop.

I'm looking for tools or techniques that make it unabiquously clear that VPN or whatever is blocked from the hotel, coffee shop, airport or other location he's trying to login from.

What simple thing (or tool) could I have him try to make things clear?
0
Comment
Question by:PlanktonSPG
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:PlanktonSPG
ID: 36817409
One location told him "We block all ports below 500". Is there a workaround for such cases? Something I can configure on our servers so he could still get in?
If so, please give specifics for a windows server setup. Thanks!
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36817452
Easiest way is to telnet your way to the port. If it doesnt open or responds, it's blocked.

Nmap for windows has a nice gui that does the same, but easier to work with:
http://nmap.org/download.html
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36817466
Use a router or firewall on your side that rerouts certain higher ports (usually above 1024) to for example port 500 or 3389.

Rerouting VPN tunnels can be tricky though, since VPN gets jumpy when network packages get altered.
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 

Author Comment

by:PlanktonSPG
ID: 36818173
telnet is not always available and is not active currently on our server. Nmap looks interesting. Would he want to see ports 47, 1723 and 3389 for NameServer, VPN and RDP access?  If port 47 is blocked does that block access or Ping?  I'd like to avoid rerouting things. If the connection doesn't work we can live with it. Just want clear evidence of blocked accesss instead of iffy failure messages.
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36818216
I did not explain properly.

Telnet is one of the most simple client utltilies out there which was always available on most Windows PC's (with exception of server 2008 iirc).
You can use telnet to open a connection to a port.

For example c:\> telnet www.google.com 80
if the port opens.. and the telnet session connects, then the connection works.
If it hangs, it's closed at his location.

Telnet does nothing more, just open the port. Nmap does the same, but has extra options and a nice gui if you use the windows version.

Also DNS runs on port 53. You might be confused with the GRE IP protocol 47 (not a port).
http://support.microsoft.com/kb/241251
0
 

Author Comment

by:PlanktonSPG
ID: 36818342
Thanks.  So then he needs 53, 1723 and 3389 access to successfully RDP?

i.e., nmap -p53,1723,3389  <machinename>
0
 
LVL 2

Accepted Solution

by:
Sarcast earned 250 total points
ID: 36818373
To succesfully RDP, you just need port 3389 if you connect on IP basis.
With a hostname, you need port 53 for DNS.

If port 1723 does not work, vpn isn't available for sure. However, if it does work, it's still no guarantee that the VPN tunnel can be built.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Auto-launch VPN via Wifi 7 87
Remote access problem to camera controller 9 82
SSL-VPN 1 90
Restricted access to RDP 9 40
Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question