[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Remote Desktop With Cisco RVS4000 V2 Router

Posted on 2012-08-22
63
Medium Priority
?
537 Views
Last Modified: 2014-03-19
I want to use remote desktop to access our server so I can remotely manage some accounts and activities. We are using a Cisco RVS4000 V2 Router and I don't see where I can set up the port forwarding. Is there something else I need to do with this router to enable Remote Desktop? The server is running Windows Server 2008 R2.

Thank you!

Robert
0
Comment
Question by:Robert Ehinger
  • 31
  • 30
62 Comments
 
LVL 9

Expert Comment

by:Mike
ID: 38321317
Go to Firewall, Port Fowarding is under that.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38321584
Follow this advice I gave to another user, and you'll be fine:

http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_27798379.html
0
 

Author Comment

by:Robert Ehinger
ID: 38324809
Shadowless127 - is that the firewall on the server or the remote computer or both?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:Robert Ehinger
ID: 38324821
xBouchardx - is ASDM already part of the router configuration or will I need to install it?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38325093
You will need to install it, it's basically the GUI.  You can navigate to the IP of the Cisco through a web browswer and should be able to get it.
0
 

Author Comment

by:Robert Ehinger
ID: 38330084
OK, I see the port forwarding under the firewall. Do I use Single Port Forwarding or Port Range Forwarding? I am attaching a screen shot from the Single Port Forwarding. The IP address is that of the server that I want remote access to. I hope that is correct. I have tried the address of the server, the IP address of the router and the server's public IP but I cannot connect remotely with any of them. Is the port # correct? What about the Application? Should I check the enable box? I have tried it both ways.
Port-Forwarding.jpg
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38333543
Use Single Port Forwarding

Use both TCP and UDP

Check the box that says Enabled next to it

It will work then...
0
 

Author Comment

by:Robert Ehinger
ID: 38336082
My choices are TCP or UDP. I cannot select both on the same line. If I try to add the UDP port when I try to save it I get the error message ""Policy 13 and 14 are the same." No matter which one I enable or disable I cannot connect. I was able to do this with no problem using a Cisco WRT120N wireless router but ever since we changed to this  Cisco RVS4000 V2 Router I have been unable to successfully connect remotely. What am I missing here?

Thanks!
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38336715
Use TCP then, and forward 3389 to the internal IP of the server you want to connect to.  Make sure it's enabled, then you need to allow remote desktop traffic IN to your Cisco.  I have a feeling it isn't open.  Look for access rules, or access policies or something like that.

If you'd like I can remotely connect and help you out.
0
 

Author Comment

by:Robert Ehinger
ID: 38336945
If you are there right now then lets try connecting.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38341470
Sorry, I wasn't available.  Let's try tonight around 8:30-9 p.m.  I am on Mountain Standard Time (-7)
0
 

Author Comment

by:Robert Ehinger
ID: 38341515
I will be out of town then. Where should I be looking for the Access rules etc. I will be there first thing in the morning to take a look.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38341876
Check IP Based ACL, and Internet Access Policy (the two options above Single Port Forwarding)

Let me know.
0
 

Author Comment

by:Robert Ehinger
ID: 38345076
Here are screen shots of the current settings for these entries.
ACL.jpg
Internet-Access-Policy.jpg
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38346016
Again, make sure that your single port forwarding rule is enabled, which I'm sure you said it was in an earlier post, then do one other thing that I may have overlooked.  Right click My Computer on the server > Properties > Remote

Make sure that allow connections from computers running any version of Remote Desktop is checked.  See attached screenshot for reference.

allowremoteconnections
If that's checked then let me know and we'll go back over your settings, perhaps remotely with us both connected if we can coordinate it.  If that's not check, or any other option but that is checked, check it and try it and it should work.  Also, make sure that your user account is allowed to remote to that computer.
0
 

Author Comment

by:Robert Ehinger
ID: 38346903
OK, initially "Allow Remote Assistance connections to this computer" was greyed out so I installed that Windows feature and then checked the box. My screen looks like your now but still no remote access.
0
 

Author Comment

by:Robert Ehinger
ID: 38349988
Also, I am using the Administrator account which is supposed to be allowed by default.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38350645
Remote Assistance isn't needed and is a different feature altogether.  If the bottom half of yours looks like mine now where you have checked "Allow remote connections from computers running any version of Remote Desktop" then we're good.

So you're basically going to Remote Desktop and typing in your public IP and it won't connect?  Can you please provide me your public IP?
0
 

Author Comment

by:Robert Ehinger
ID: 38351101
Your IP Address Is:
67.162.88.238
No Proxy Detected
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38355715
Try using port range forwarding instead of single port forwarding, but for the range only use 3389.  Send me a screenshot of the settings when you're done.
0
 

Author Comment

by:Robert Ehinger
ID: 38356087
Here it is -
Port-Range.jpg
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38356095
Check the checkbox next to enable.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38356097
Want to do a remote session?  Join.me, or TeamViewer?  Something else...?
0
 

Author Comment

by:Robert Ehinger
ID: 38356272
The reason I am trying to get RDP to work is because Teamviewer does not load on Server 2008. That is what I used on Server 2003. I will put a mark in the checkbox and see what happens.
0
 

Author Comment

by:Robert Ehinger
ID: 38361943
I checked the box and saved but I still cannot remotely connect. For what its worth, I can ping the IP address.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38379508
Does the IP address resolve to a name?  And, does it give a response back in ping or just destination host unreachable?
0
 

Author Comment

by:Robert Ehinger
ID: 38383985
I get a response when I ping the server.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38384021
Turn Windows Firewall completely off for all connections on the server.  Then try it.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38386669
Robert,

I'm still here and helping you by the way.  What did turning off Windows Firewall do for you?  Let me know so we can keep troubleshooting.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38393118
Any updates?
0
 

Author Comment

by:Robert Ehinger
ID: 38393267
I will turn off the firewall tomorrow and let you know.
0
 

Author Comment

by:Robert Ehinger
ID: 38402350
Firewall was already turned off.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38411039
Sorry for the delayed response.  Firewall turned off for all connections both incoming/outgoing?

And just so I'm clear, you have enabled (by checking the check box next to each) both rules you created under single and port range forwarding?

This sounds dumb as well, but try on your ACL creating a rule that allows Remote Desktop (3389) through to the LAN for your Server instead of having all services open for all interfaces.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38411060
One more thing Robert.  After you do my last suggestion (above) then go to this website:

http://canyouseeme.org/

Put in port 3389 and click the "Check Your Port" button

Let me know the results, preferable a screenshot.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38411065
This sounds dumb as well, but try on your ACL creating a rule that allows Remote Desktop (3389) through to the LAN for your Server instead of having all services open for all interfaces.

Let me also clarify even further to not delete the two ACLs there already, just add this in addition to them.
0
 

Author Comment

by:Robert Ehinger
ID: 38414212
I will be back at the school Friday evening and I will try these suggestions and provide feedback. Thank you!
0
 

Author Comment

by:Robert Ehinger
ID: 38424911
The error when checking the port is - Error: I could not see your service on 67.162.88.238 on port (3389)
Reason: Connection timed out

In the ACL list I do not see RDP or remote desktop
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38429077
That is the problem then, you have not allowed Remote Desktop through your firewall to your LAN and it is still blocking it.  You need to add that rule that allows it.  If you don't see RDP or remote desktop, just use port 3389 and give it your own name if you need to.  Computers by default know that 3389 is RDP.
0
 

Author Comment

by:Robert Ehinger
ID: 38447450
I am completely confused now. I am sending screen shots of what I see under the firewall settings that we have been discussing.
Basic-Settings.jpg
Edit-IP-Based-ACL.jpg
Edit-List-of-PCs.jpg
Internet-Access-Policy.jpg
IP-Based-ACL.jpg
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38447466
Try adding a new rule under IP Based ACL and use these settings

3     Checkmark      Allow    RDP/Terminal Services     WAN      Any    IPOFYOURSERVER  Any Any
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38488596
Any luck Robert?
0
 

Author Comment

by:Robert Ehinger
ID: 38504052
Still no luck.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38517876
What is the subnet of your public IP?  I can further investigate.
0
 

Author Comment

by:Robert Ehinger
ID: 38531988
.6 it changes periodically.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38532266
No, I mean the Subnet Mask of 67.162.88.238

It should look like
67.162.88.238 <-- 1 of your IPs
255.255.255.248 <-- Subnet
67.162.88.xxx < -- Gateway
0
 

Author Comment

by:Robert Ehinger
ID: 38532728
255.255.255.0

All IPs are in the 192.168.0.xxx  range.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38534510
But the subnet of your public IP, meaning, what is the subnet associated with the 67.162.88.238 address from your ISP?
0
 

Author Comment

by:Robert Ehinger
ID: 38534739
OK, I am not exactly sure where to find that. I went to Status and Gateway on the router and this is what I found -

Connection type is DHCP
IP Address is 10.1.x.xx
Subnet Mask is 255.255.255.0
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38534844
You will have to call your ISP and ask them.  When you do, ask them for your IP range block, your subnet, and your gateway.
0
 

Author Comment

by:Robert Ehinger
ID: 38535472
When I called Comcast they told me that I can set the address range of the modem where I want it in the 10.0.x.xxx range.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38536139
Let me know when you want to do a remote session and we can.  That way I can better help you as I think you're a little confused.
0
 

Author Comment

by:Robert Ehinger
ID: 38536345
OK. When are you usually available? And we have to work around school hours.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38536861
I can work late at night if you want which would be off of school hours.  I'm located in Montana so the current time is 4:32 p.m.  We could do something tomorrow night around 9 p.m. or so.
0
 

Author Comment

by:Robert Ehinger
ID: 38588516
I will need to see when I can get there of an evening. What is your availability this next week - including possibly Saturday morning?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38596488
Saturday morning would have to be early, like 8:30 a.m. Mountain Standard Time (Montana).
0
 

Author Comment

by:Robert Ehinger
ID: 38622110
Sorry, I got tied up with family stuff and this weekend won't work either. How about Saturday morning Dec 1?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38687877
Make sure that if you have any other rules that this rule is listed above any of those other ones.  That is the one last big obvious thing I forgot.  By this I mean, make sure that this rule is listed above any other as it will take precedence that way.
0
 

Author Comment

by:Robert Ehinger
ID: 38738238
Not sure what rule you are referring to but I will be at the school this coming Saturday morning if you still want to take a look at this.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39081765
Long time no see.  Haha.  Anyway, I'm available again, we should try to do a remote connection and get this thing solved.  Let me know.
0
 

Author Comment

by:Robert Ehinger
ID: 39321734
I was away for awhile and just rejoined EE. I will get back to this soon and provide feedback.
0
 

Accepted Solution

by:
Robert Ehinger earned 0 total points
ID: 39631680
This problem has not been resolved so I subscribed to logmein and am using that for remote access. I suggest this question be closed.
0
 

Author Closing Comment

by:Robert Ehinger
ID: 39939067
None of the suggested solutions worked so I am using a 3rd party application to accomplish the same thing.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question