Solved

Clear test to see if VPN / RDP working

Posted on 2011-09-29
7
578 Views
Last Modified: 2012-05-12
The boss travels a lot. USA, Europe, etc. Often he cannot connect to our Windows server and his Windows XP box via VPN/RDP from his Windows XP laptop.

I'm looking for tools or techniques that make it unabiquously clear that VPN or whatever is blocked from the hotel, coffee shop, airport or other location he's trying to login from.

What simple thing (or tool) could I have him try to make things clear?
0
Comment
Question by:PlanktonSPG
  • 4
  • 3
7 Comments
 

Author Comment

by:PlanktonSPG
ID: 36817409
One location told him "We block all ports below 500". Is there a workaround for such cases? Something I can configure on our servers so he could still get in?
If so, please give specifics for a windows server setup. Thanks!
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36817452
Easiest way is to telnet your way to the port. If it doesnt open or responds, it's blocked.

Nmap for windows has a nice gui that does the same, but easier to work with:
http://nmap.org/download.html
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36817466
Use a router or firewall on your side that rerouts certain higher ports (usually above 1024) to for example port 500 or 3389.

Rerouting VPN tunnels can be tricky though, since VPN gets jumpy when network packages get altered.
0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 

Author Comment

by:PlanktonSPG
ID: 36818173
telnet is not always available and is not active currently on our server. Nmap looks interesting. Would he want to see ports 47, 1723 and 3389 for NameServer, VPN and RDP access?  If port 47 is blocked does that block access or Ping?  I'd like to avoid rerouting things. If the connection doesn't work we can live with it. Just want clear evidence of blocked accesss instead of iffy failure messages.
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36818216
I did not explain properly.

Telnet is one of the most simple client utltilies out there which was always available on most Windows PC's (with exception of server 2008 iirc).
You can use telnet to open a connection to a port.

For example c:\> telnet www.google.com 80
if the port opens.. and the telnet session connects, then the connection works.
If it hangs, it's closed at his location.

Telnet does nothing more, just open the port. Nmap does the same, but has extra options and a nice gui if you use the windows version.

Also DNS runs on port 53. You might be confused with the GRE IP protocol 47 (not a port).
http://support.microsoft.com/kb/241251
0
 

Author Comment

by:PlanktonSPG
ID: 36818342
Thanks.  So then he needs 53, 1723 and 3389 access to successfully RDP?

i.e., nmap -p53,1723,3389  <machinename>
0
 
LVL 2

Accepted Solution

by:
Sarcast earned 250 total points
ID: 36818373
To succesfully RDP, you just need port 3389 if you connect on IP basis.
With a hostname, you need port 53 for DNS.

If port 1723 does not work, vpn isn't available for sure. However, if it does work, it's still no guarantee that the VPN tunnel can be built.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question