jbasiliere67
asked on
remote desktop routing help
Hi,
I am using a 2003 server as a terminal server. The server has 2 network cards one for access to the local area network and one for a dedicated, secure connection to another terminal server. The purpose of the setup is to allow users on the LAN to login to a remote desktop session on the local terminal server from which they can connect to the remote terminal server.
The problem is that the connection to the remote terminal server does not always connect. When I disconnect the LAN connection the remote connection works every time. It seems as though when both network interfaces are connected Remote Desktop does not "know" which one to use. I want to set it up so that Remote desktop only uses NIC 1. Everything else uses NIC 2. Is this a static route? How and where do I set this up?
Please advise.
Thanks,
John
Log into a command prompt and run the command
netstat -rn
This will give you a list of the system's routes. You will probably need to add a static route to the system to always use a specific NIC for a specific route with the command
route [add | change]
ASKER
Everything works already - it is just inconsistent. One time the users connect, another time they don't. It's as if sometimes RDP goes to the wrong NIC because when I unplug the LAN NIC leaving only the NIC to the remote terminal server, the connection works every time.
The IP address for NIC1 is static and is a different subnet, IP range, gateway from NIC2
NIC2 is static and is the same for the LAN.
Phonebuff, can you give more details on: "You will probably need to add a static route to the system to always use a specific NIC for a specific route with the command"
Ok, so they are different IPs; from the PC you are connecting from, can you not just enter the IP address assigned to NIC2 in this case?
If you pull NIC1 from the network and it works, this tells me you must have a route to NIC2 already somewhere on the network (i.e. the router)?
route add [RDP TARGET] MASK 255.255.255.255 [NIC1 IP]
or
route add [RDP TARGET SUBNET] MASK 255.255.255.n [NIC1 IP]
http://technet.microsoft.com/en-us/library/cc757323%28v=ws.10%29.aspx
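Why a host route pins the RDP target to NIC1, as an added example that is not part of the original thread: a simplified model of route lookup (longest matching prefix first, lowest metric as the tie-breaker). All addresses, metrics and function names are constructed for illustration; the `route add` string follows the form given in the answer above.

```python
import ipaddress
from typing import NamedTuple

class Route(NamedTuple):
    dest: ipaddress.IPv4Network
    gateway: str
    nic: str
    metric: int

def route(dest, gateway, nic, metric):
    return Route(ipaddress.ip_network(dest), gateway, nic, metric)

def select(table, target):
    """Longest matching prefix wins; metric only breaks ties between equal prefixes."""
    addr = ipaddress.ip_address(target)
    matches = [r for r in table if addr in r.dest]
    if not matches:
        raise LookupError(f"no route to {target}")
    return max(matches, key=lambda r: (r.dest.prefixlen, -r.metric))

def host_route_cmd(target, nic_ip):
    """Format a /32 host route in the form shown in the answer above."""
    mask = ipaddress.ip_network(f"{target}/32").netmask
    return f"route add {target} MASK {mask} {nic_ip}"

# Constructed sample values (assumptions, not taken from the thread).
NIC1_IP = "10.10.10.2"       # dedicated-link NIC
RDP_TARGET = "10.20.30.40"   # remote terminal server
TABLE = [
    route("0.0.0.0/0", "192.168.2.1", "NIC2", 10),   # LAN default gateway
    route("0.0.0.0/0", "10.10.10.1", "NIC1", 20),    # second default gateway
    route("192.168.2.0/24", "on-link", "NIC2", 10),
    route("10.10.10.0/24", "on-link", "NIC1", 20),
]

def before_and_after():
    """Interface chosen for the RDP target without and with the host route."""
    before = select(TABLE, RDP_TARGET).nic
    pinned = TABLE + [route(f"{RDP_TARGET}/32", NIC1_IP, "NIC1", 1)]
    after = select(pinned, RDP_TARGET).nic
    return before, after

if __name__ == "__main__":
    print(before_and_after())
    print(host_route_cmd(RDP_TARGET, NIC1_IP))
```

With two default gateways the target is reached through whichever default has the lower metric; the /32 entry takes precedence over both regardless of metric.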
ASKER
Hi,
Sorry I have not gotten back to this. Here is a network diagram of what I am trying to accomplish. From within My Location I have user1 and user2 logging on to TS1 from TS2. This is now working although I didn't add a static route. Next I want to be able to allow User3 at a different location to VPN to my location and sign in as users 1 & 2 do now. It seems that only users at my location can sign onto TS1 from TS2. When I go through the VPN remote desktop disconnects.
Ideas?
ASKER
Here is the attachment......
net-0001.pdf
Best guess based on what you provided is that the PIX does not permit the RDP active protocol Port TCP/3389.
http://windows.microsoft.com/en-us/windows7/allow-remote-desktop-connections-from-outside-your-home-network
What do you mean by 'When I go through the VPN remote desktop disconnects'?
You mean you can't access TS2? Or you can access TS2 but not TS1?
What IP subnet is the VPN on? You need to ensure you are allowing access to the local subnet (I assume it is 192.168.2.0/24) from the VPN.
ASKER
I can access TS2 with RDP (or any other machine at this location) through the VPN. However, as soon as I attempt to connect to TS1 within a TS2 RDP session, the TS2 RDP disconnects.
This only happens when VPNing into the LAN. From user1, 2 or any other machine on the network I can RDP to TS2 and then from there to TS1 without a problem. In fact if I RDP to another machine on the LAN through VPN and then RDP to TS2, the connection to TS1 works fine. It's as if the only way it doesn't work is VPN to TS2 then RDP to TS1 - which is how I need it to work.
I do appreciate the help - it's driving me nuts!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Good call but it is different VPN subnet 172.0.0.0 and remote network is 192.168.5.0/24
Feck...hard one...
I'm just re-reading your original post
'The problem is that the connection to the remote terminal server does not always connect. When I disconnect the LAN connection the remote connection works every time. It seems as though when both network interfaces are connected Remote Desktop does not "know" which one to use'
When you 'disconnect the LAN connection' - what do you mean by this again?
I understand from your diagram you are RDP'ing to TS2 in order to get to TS1 - is this still correct? Bit confused by the above statement in that case...
ASKER
I know this is confusing......sorry. I am going to try to rewrite this thing a bit more clearly in the next couple of days.
"When I disconnect the LAN connection".....in other words when I work directly on TS2 in a console session the connection to TS1 works every time. It works but is useless because I need to be able to VPN from a remote location and RDP from there to TS2 and then finally to TS1.
When I connect the LAN and VPN/RDP to TS2 that works fine as well. But as soon as I click the remote desktop to TS1 the connection to TS2 quits.
Now to add more confusion.....
If I VPN/RDP to any other machine on the same LAN as TS2 and from that machine RDP to TS2 and then to TS1 everything works fine. I just don't want to have to add that 3rd RDP to the loop to make everything work.
Ok, with you now...
Yes, very confusing...if I get a chance I'll see if I can mimic your setup on my side and test to see if it does the same thing, 'cause I am out of ideas...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
In any case, I made a workaround. By first connecting to another machine on the LAN then to TS2 then to TS1. Everything works.
Thanks for everyone's help.
John
ASKER
The work around led me to the conclusion that the external firewall was the issue
Are they both on the same subnet? If so this will never work (which is why you can't get it to connect).
I can think of 2 ways to do this (but it depends on what you are trying to achieve).
Just so I am clear - you are trying to RDP to server1, then from that session RDP to server2?
Or am I mistaken?
What's the goal you are trying to get to exactly?
'and one for a dedicated, secure connection to another terminal server' - how exactly is this 'secure' can you explain?