jbasiliere67
 asked on

remote desktop routing help

Hi,

I am using a 2003 server as a terminal server.  The server has 2 network cards one for access to the local area network and one for a dedicated, secure connection to another terminal server.  The purpose of the setup is to allow users on the LAN to login to a remote desktop session on the local terminal server from which they can connect to the remote terminal server.  

The problem is that the connection to the remote  terminal server does not always connect.  When I disconnect the LAN connection the remote connection works every time. It seems as though when both network interfaces are connected Remote Desktop does not "know" which one to use.  I want to set it up so that Remote desktop only uses NIC 1.  Everything else uses NIC 2.  Is this a static route?  How and where do I set this up?

Please advise.

Thanks,

John
Windows Networking, Network Management, Network Architecture

Last Comment
jbasiliere67

8/22/2022 - Mon
Shane McKeown

No, this isn't a routing issue. How have you set up the IP addresses for each of these NICs?

Are they both on the same subnet? If so this will never work (which is why you can't get it to connect)

I can think of 2 ways to do this (but depends on what you are trying to achieve)

Just so I am clear - you are trying to RDP to server1, then from that session RDP to server2?
Or am I mistaken?

What's the goal you are trying to get to exactly?

'and one for a dedicated, secure connection to another terminal server' - how exactly is this 'secure', can you explain?
Phonebuff

Log into a command prompt and run the command

netstat -rn  

This will give you a list of the system's routes.  You will probably need to add a static route to the system to always use a specific NIC for a specific route with the command

route [add | change]

-----------------------------------------------
jbasiliere67

ASKER
Everything works already - it is just inconsistent.  One time the users connect, another time they don't.  It's as if sometimes RDP goes to the wrong NIC because when I unplug the LAN NIC leaving only the NIC to the remote terminal server, the connection works every time.

The IP address for NIC1 is static and is a different subnet, IP range, gateway from NIC2
NIC2 is static and is the same for the LAN.

Phonebuff can you give more details on: "You will probably need to add a static route to the system to always use a specific NIC for a specific route with the command"
Shane McKeown

Ok so they are different IPs, can you from the PC you are connecting from not just enter the IP address assigned to NIC2 in this case?

If you pull NIC1 from the network and it works, this tells me you must have a route to NIC2 already somewhere on the network (i.e. the router)?
Phonebuff

route add [RDP TARGET] MASK 255.255.255.255 [NIC1 IP]

or

route add [RDP TARGET SUBNET] MASK 255.255.255.n [NIC1 IP]

http://technet.microsoft.com/en-us/library/cc757323%28v=ws.10%29.aspx
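
A small model of the route lookup behind the host-route suggestion above, added here as an example (not code from the thread or from Microsoft). All addresses, the equal metrics, and the assumption that both NICs carry a default gateway are constructed for illustration; the gateway argument is passed the way the post writes it.

```python
import ipaddress

# Constructed addresses (assumptions, not from the thread):
# NIC1 = dedicated link, NIC2 = LAN, each configured with its own default gateway.
NIC1_IP, NIC1_GW = "10.50.0.2", "10.50.0.1"
NIC2_IP, NIC2_GW = "192.168.2.10", "192.168.2.1"
RDP_TARGET = "172.16.9.20"  # hypothetical remote terminal server

def base_table():
    """Routes a dual-homed host holds when both NICs have a default gateway."""
    return [
        # (destination network, gateway, interface, metric)
        ("0.0.0.0/0", NIC1_GW, "NIC1", 20),
        ("0.0.0.0/0", NIC2_GW, "NIC2", 20),
        ("10.50.0.0/24", NIC1_IP, "NIC1", 20),
        ("192.168.2.0/24", NIC2_IP, "NIC2", 20),
    ]

def candidates(table, dest):
    """Interfaces of the best routes for dest: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(net), nic, metric)
               for net, _gw, nic, metric in table
               if addr in ipaddress.ip_network(net)]
    if not matches:
        return []
    best_len = max(m[0].prefixlen for m in matches)
    longest = [m for m in matches if m[0].prefixlen == best_len]
    low = min(m[2] for m in longest)
    # More than one interface here means the table alone does not decide the path.
    return sorted({m[1] for m in longest if m[2] == low})

def add_host_route(table, target, gateway, nic, metric=1):
    """Model of: route add <target> MASK 255.255.255.255 <gateway>."""
    return table + [(f"{target}/32", gateway, nic, metric)]

if __name__ == "__main__":
    table = base_table()
    print("before host route:", candidates(table, RDP_TARGET))
    pinned = add_host_route(table, RDP_TARGET, NIC1_IP, "NIC1")
    print("after host route: ", candidates(pinned, RDP_TARGET))
    print("LAN destination:  ", candidates(pinned, "192.168.2.55"))
```

On the real server, `route print` before and after the change shows whether the /32 entry is present and which interface it is bound to.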
jbasiliere67

ASKER
Hi,

Sorry I have not gotten back to this.  Here is a network diagram of what I am trying to accomplish.  From within My Location I have user1 and user2 logging on to TS1 from TS2.  This is now working although I didn't add a static route.  Next I want to be able to allow User3 at a different location to VPN to my location and sign in as users 1 & 2 do now.  It seems that only users at my location can sign onto TS1 from TS2.  When I go through the VPN remote desktop disconnects.

Ideas?
jbasiliere67

ASKER
Here is the attachment......
net-0001.pdf
Phonebuff

Best guess based on what you provided is that the PIX does not permit the RDP active protocol Port TCP/3389.

http://windows.microsoft.com/en-us/windows7/allow-remote-desktop-connections-from-outside-your-home-network
Shane McKeown

What do you mean 'When I go through the VPN remote desktop disconnects'?

You mean you can't access TS2? Or you can access TS2 but not TS1?

What IP subnet is VPN on? You need to ensure you are allowing access to the local subnet (I assume is 192.168.2.0/24) from the VPN
jbasiliere67

ASKER
I can access TS2 with RDP (or any other machine at this location) through the VPN.  However, as soon as I attempt to connect to TS1 within a TS2 RDP session, the TS2 RDP disconnects.

This only happens when VPNing into the LAN.  From user1, 2 or any other machine on the network I can RDP to TS2 and then from there to TS1 without a problem.  In fact if I RDP to another machine on the LAN through VPN and then RDP to TS2, the connection to TS1 works fine.  It's as if the only way it doesn't work is VPN to TS2 then RDP to TS1 - which is how I need it to work.

I do appreciate the help - it's driving me nuts!
SOLUTION
Phonebuff

Log in or sign up to see answer
SOLUTION
Log in to continue reading
jbasiliere67

ASKER
Good call but it is different VPN subnet 172.0.0.0 and remote network is 192.168.5.0/24
Shane McKeown

Feck...hard one...

I'm just re-reading your original post
'The problem is that the connection to the remote  terminal server does not always connect.  When I disconnect the LAN connection the remote connection works every time. It seems as though when both network interfaces are connected Remote Desktop does not "know" which one to use'

When you 'disconnect the LAN connection' - what do you mean by this again?

I understand from your diagram you are RDP'ing to TS2 in order to get to TS1 - is this still correct? Bit confused by the above statement in that case...
jbasiliere67

ASKER
I know this is confusing......sorry.  I am going to try to rewrite this thing a bit more clearly in the next couple of days.  

"When I disconnect the LAN connection".....in other words when I work directly on TS2 in a console session the connection to TS1 works every time.  It works but is useless because I need to be able to VPN from a remote location and RDP from there to TS2 and then finally to TS1.

When I connect the lan and VPN/RDP to TS2 that works fine as well.  But as soon as I click the remote desktop to TS1 the connection to TS2 quits.

Now to add more confusion.....

If I VPN/RDP to any other machine on the same LAN as TS2 and from that machine RDP to TS2 and then to TS1 everything works fine.  I just don't want to have to add that 3rd RDP to the loop to make everything work.
Shane McKeown

Ok, with you now...

Yes very confusing...if I get a chance I'll see if I can mimic your setup on my side and test to see if it does the same thing cause I am out of ideas...
ASKER CERTIFIED SOLUTION
Log in to continue reading
jbasiliere67

ASKER
In any case, I made a workaround.  By first connecting to another machine on the LAN then to TS2 then to TS1.  Everything works.

Thanks for everyone's help.

John
jbasiliere67

ASKER
The workaround led me to the conclusion that the external firewall was the issue.