RWW Issue

Posted on 2012-08-21
Last Modified: 2012-11-07
HI Experts,

I have another tech that has asked me to allow a connection to RWW for a particular IP address however the router is set to allow any so I cant see that being the problem

What is happening they are now making the users from Sydney to use Melbourne to go thorough a proxy server in Melbourne...

Below is the info the other tech has sharded with me -
What is happening is:

Web traffic is going through one IP address when Ken connects.
RDP is pushed through a different IP address and the server at your end kills the connection.

What has changed is the connection for Web traffic now runs through Melbourne and not Sydney so the IP differs for Web and RDP connection

Update on this question the only thing left to do is create a GPO for this ip in the SBS firewall can someone guide me on that please

Question by:it_fan
    LVL 18

    Expert Comment


    I don't know if I fully understand your question. If you're able to break it down further so I (and we) can understand better. I have a few questions about your scenario:

    Am I to assume that the person who wants to access RWW is remote to the organisation?
    Can they login to the RWW portal?
    Is the PC they want to logon to in the same subnet as the SBS?
    From a gateway point of view, only TCP 443 needs to be opened up on the router. Once authenticated the server will make the TCP 3389 connection to the PC and bridge the connection. If there is a proxy involved is it providing proxy for all traffic or just HTTP and HTTPS?
    Are you able to exclude the PC in question from the proxy, to see if this is your issue?

    Author Comment

    Yes the person is remote and can log in from anywhere else just not when he is consulting for this other office in Sydney.

    This is what the other tech on the other sent through yesterday via email... on our end we have no proxy server to clear that up.

    "The issues is not at our end, your external system will not accept a connection from 2  ip addresses at one time when you remote in"

    The external system being my clients sbs2003 server I have the netgear modem modem ports open and to accept incmoing connections from any IP I am wondering if this modem cannot handle two IP addresses coming in on the one coennection ( hope you understand what they are trying to achieve as it has got me stumped why they would do that or even how that is possible.
    LVL 74

    Accepted Solution

    I totally understand what you are saying, and I believe that Netflo does as well... but I don't think you understand how RWW works.  Here's a good picture that will help to explain:

    RWW Routing
    So you see -- there isn't any moment where there are connections from 2 IP addresses.  It is a proxy which occurs at the SBS.

    Please send this picture to whoever is telling you that.


    Author Comment

    Hi Jeff & Netflo,

    Thanks for the explanation and pic!!! that helps me to understand it better you’re right I didn’t have a full grasp of the situation…. But I do now thanks to you two!!!

    Just to be clear this has worked fine for 3 years logging in via RWW its only since they made their changes.

    So what is he saying with this statement do you read this as I do then? That it is utter rubbish why would a sbs server drop a connection when the router is set to receive from any IP address.

    "The issues is not at our end, your external system will not accept a connection from 2 ip addresses at one time when you remote in" So before I tell him he is full of it…. do you concur that whatever is happening on his proxy is not happening when it leaves his Melb server its leaving as 1 ip address and hits my clients sbs server.

    Is it worth my while installing wireshark or similar and get him to attempt to connect would that be of use or a waste of my time because the issue really is on the Melb end?

    Until they changed the way he logged into his sbs server from Sydney>Home to go from SYD>MELB>Home instead.

    Sorry guys this is beyond me and that’s why I have come to you thanks in advance.
    LVL 74

    Expert Comment

    by:Jeffrey Kane - TechSoEasy
    So, now when I reread your statement I do think I see what the problem is... if they've implemented a new proxy server that this user is behind when trying to access RWW there can be a problem.

    This is the explanation of what is happening:
    "When you connect to RWW, it knows your source IP as you’ve connected on port 443 – later when the activeX control makes the connection via port 4125, it checks to see that the inbound connection is coming from the same IP as the 443 connection – if not then it terminates the connection. This can be a problem though if the user is coming through any form of proxy server that is interfering with ports 80 and 443 – the IP will not match with that for 4125 and it will fail as described."

    (From here:

    So, send that to the person managing the proxy server along with the link to this posting:


    Author Comment

    Thas sounds logical...

    I will forward the link thanks Jeff its giving me a better idea on what could be happening.

    Any idea on how to correct? I am assuming the other IT guy with the proxy server needs to make a change of some sort?
    LVL 74

    Expert Comment

    by:Jeffrey Kane - TechSoEasy
    yep, let him deal with it.

    Author Comment

    thankyou exactly what I was after
    LVL 67

    Expert Comment

    I've requested that this question be closed as follows:

    Accepted answer: 350 points for TechSoEasy's comment #a38393961

    for the following reason:

    This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

    Author Closing Comment

    Sorry havent been on for a while actually just spoke to the client about this yesterday...
    THe People on the Melbourne end refuse to believe that they are incorrect my client has to use his laptop with a w-less usb stick to log on but I thankyou for allyour assistance at least I undersatnd it a lot better thanks Jeff

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Suggested Solutions

    The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video discusses moving either the default database or any database to a new volume.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now