[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Clear test to see if VPN / RDP working

Posted on 2011-09-29
7
Medium Priority
?
584 Views
Last Modified: 2012-05-12
The boss travels a lot. USA, Europe, etc. Often he cannot connect to our Windows server and his Windows XP box via VPN/RDP from his Windows XP laptop.

I'm looking for tools or techniques that make it unabiquously clear that VPN or whatever is blocked from the hotel, coffee shop, airport or other location he's trying to login from.

What simple thing (or tool) could I have him try to make things clear?
0
Comment
Question by:PlanktonSPG
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:PlanktonSPG
ID: 36817409
One location told him "We block all ports below 500". Is there a workaround for such cases? Something I can configure on our servers so he could still get in?
If so, please give specifics for a windows server setup. Thanks!
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36817452
Easiest way is to telnet your way to the port. If it doesnt open or responds, it's blocked.

Nmap for windows has a nice gui that does the same, but easier to work with:
http://nmap.org/download.html
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36817466
Use a router or firewall on your side that rerouts certain higher ports (usually above 1024) to for example port 500 or 3389.

Rerouting VPN tunnels can be tricky though, since VPN gets jumpy when network packages get altered.
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 

Author Comment

by:PlanktonSPG
ID: 36818173
telnet is not always available and is not active currently on our server. Nmap looks interesting. Would he want to see ports 47, 1723 and 3389 for NameServer, VPN and RDP access?  If port 47 is blocked does that block access or Ping?  I'd like to avoid rerouting things. If the connection doesn't work we can live with it. Just want clear evidence of blocked accesss instead of iffy failure messages.
0
 
LVL 2

Expert Comment

by:Sarcast
ID: 36818216
I did not explain properly.

Telnet is one of the most simple client utltilies out there which was always available on most Windows PC's (with exception of server 2008 iirc).
You can use telnet to open a connection to a port.

For example c:\> telnet www.google.com 80
if the port opens.. and the telnet session connects, then the connection works.
If it hangs, it's closed at his location.

Telnet does nothing more, just open the port. Nmap does the same, but has extra options and a nice gui if you use the windows version.

Also DNS runs on port 53. You might be confused with the GRE IP protocol 47 (not a port).
http://support.microsoft.com/kb/241251
0
 

Author Comment

by:PlanktonSPG
ID: 36818342
Thanks.  So then he needs 53, 1723 and 3389 access to successfully RDP?

i.e., nmap -p53,1723,3389  <machinename>
0
 
LVL 2

Accepted Solution

by:
Sarcast earned 1000 total points
ID: 36818373
To succesfully RDP, you just need port 3389 if you connect on IP basis.
With a hostname, you need port 53 for DNS.

If port 1723 does not work, vpn isn't available for sure. However, if it does work, it's still no guarantee that the VPN tunnel can be built.
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question