Solved

HELP PLEASE!!! I can't do a Remote Desktop Connection "RDC" to my Windows Server 2008 with a PPPoE conection and Nat in RRAS

Posted on 2013-01-03
15
1,136 Views
Last Modified: 2013-01-08
Hi everibody!!!

I have some issues with the connection of my Windows Server 2008, so, if anybody can help me i'll appreciate a lot, Thanks in advance!!!
So, this is the problem:
I'm unable to connect to my server through Remote Desktop Connection and i even can't ping my server, the strange thing is that i can connect to internet, in fact, i wrote this message on my server. I even share the internet by NAT to my LAN and it works.

First of all, i have a windows server 2008 with two NICs installed, the first one is the WAN card (whit the ip 172.16.1.1) and the second one is the LAN card (whit the ip 192.168.1.254). The internet conection is configured by PPPoE in the Routing and Remote Access Service RRAS  and i share it by NAT to the LAN.

To give you more clarity this is my topology:

in bridge mode-------- with a PPPoE connection
           ll                    and static IP 201.99.39.49
ADSLmodem============SERVER=================SWITCH=====PC
                                          WAN   LAN
172.16.1.254/2--172.16.1.1/24----192.168.1.254/24-------192.168.1.253

More specific, my DSL modem is in a bridge mode (and with a private direction IP 172.16.1.254) then it connect with my server through WAN card and then i share the internet to the LAN with the second card and NAT.

This is the ipconfig/all, is in spanish sorry for that :s

Configuración IP de Windows

   Nombre de host. . . . . . . . . : Distribuidoraserver
   Sufijo DNS principal  . . . . . :
   Tipo de nodo. . . . . . . . . . : difusión
   Enrutamiento IP habilitado. . . : sí
   Proxy WINS habilitado . . . . . : no

Adaptador PPP PPPoE:

   Sufijo DNS específico para la conexión. . :
   Descripción . . . . . . . . . . . . . . . : PPPoE
   Dirección física. . . . . . . . . . . . . :
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
   Dirección IPv4. . . . . . . . . . . . . . : 201.99.39.49(Preferido)
   Máscara de subred . . . . . . . . . . . . : 255.255.255.255
   Puerta de enlace predeterminada . . . . . : 200.38.193.226
   Servidores DNS. . . . . . . . . . . . . . : 200.33.146.233
                                       200.33.146.169
   NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado

Adaptador de Ethernet Lan:

   Sufijo DNS específico para la conexión. . :
   Descripción . . . . . . . . . . . . . . . : Intel(R) 82574L Gigabit Network C
onnection #2
   Dirección física. . . . . . . . . . . . . : 34-40-B5-8B-85-8A
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.254(Preferido)
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . :
   Servidores DNS. . . . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador de Ethernet WAN:

   Sufijo DNS específico para la conexión. . :
   Descripción . . . . . . . . . . . . . . . : Intel(R) 82574L Gigabit Network C
onnection
   Dirección física. . . . . . . . . . . . . : 34-40-B5-8B-85-89
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
   Vínculo: dirección IPv6 local. . . : fe80::c902:df38:fa4c:19bb%10(Preferido)

   Dirección IPv4. . . . . . . . . . . . . . : 172.16.1.1(Preferido)
   Máscara de subred . . . . . . . . . . . . : 255.255.0.0
   Puerta de enlace predeterminada . . . . . :
   IAID DHCPv6 . . . . . . . . . . . . . . . : 221528245
   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-30-E1-BF-85-34-40-B5-
8B-85-89
   Servidores DNS. . . . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador PPP RAS (Dial In) Interface:

   Sufijo DNS específico para la conexión. . :
   Descripción . . . . . . . . . . . . . . . : RAS (Dial In) Interface
   Dirección física. . . . . . . . . . . . . :
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.60(Preferido)
   Máscara de subred . . . . . . . . . . . . : 255.255.255.255
   Puerta de enlace predeterminada . . . . . :
   IAID DHCPv6 . . . . . . . . . . . . . . . : 257740832
   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-30-E1-BF-85-34-40-B5-
8B-85-89
   Servidores DNS. . . . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado

Adaptador de túnel Conexión de área local* 14:

   Sufijo DNS específico para la conexión. . :
   Descripción . . . . . . . . . . . . . . . : Adaptador 6to4 de Microsoft
   Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
   Dirección IPv6 . . . . . . . . . . : 2002:c963:2731::c963:2731(Preferido)
   Puerta de enlace predeterminada . . . . . : 2002:c058:6301::c058:6301
   Servidores DNS. . . . . . . . . . . . . . : 200.33.146.233
                                       200.33.146.169
   NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado


So, all the things work right, the only problem is that i can't connect to my server by RDC, and as i said, i can't ping my server from any other computer IN INTERNET. Of course, the firewall is disabled.

If some one needs any other thing or information please let me know.

I hope that someone can help my, have a nice day and thank for your time. Best!!

Andres Becker
0
Comment
Question by:Andres_Becker
  • 7
  • 4
  • 3
  • +1
15 Comments
 

Expert Comment

by:Sebastianpervan
ID: 38743464
Hi Andres,

so just to clarify, you want to be able to connect from internet to your server via RDP?
I must say I have never done it by PPPoE, ussualy I would go with static NAT and port fowarding in smaller bussines or home enviroment (configured on ADSL modem).

Other thing to consider in your configuration is NPS role which holds RRAS, NAT, etc...
I dont know your configuration in NAT, but I would start from there.
If you share your NPS configuration, I maybe be able to help you.

Regards,
Sebastian
0
 
LVL 23

Expert Comment

by:Brian B
ID: 38744176
Since ping doesn't work either, it does sound more like a routing issue than a problem with remote desktop.

I take it there is no other system on the same subnet/vlan as the server that you can use to test?
0
 

Author Comment

by:Andres_Becker
ID: 38744299
d
0
 
LVL 27

Expert Comment

by:Steve
ID: 38744306
Hi Andres_Becker,

Before we look at your issue, we really have to mention that having your server exposed to the internet without a firewall or security device is pretty risky. At least turn the windows firewall back on! Also, you *really* dont want your server to respond to PINGS on the internet.........  so its good that it doesnt respond and you shouldnt try to change that.

Anyway, basic stuff:
1) You know the intenet works. Great stuff.

2) check the server has the right public IP.
Open a browser window and go to a website like http://www.whatsmyip.org/ on the server.
confirm that your server is definately using 201.99.39.49. if it isnt, that may be your problem.

3) Assuming it is, can you RDP to the server from one of your PCs internally to the servers LAN address? if yes, we know RDP is enabled and configured.

4) Next, check the RDP settings to see if you have set it to respond to remote access on the WAN/PPP interface.

Let us know where this takes us and we can diagnose further if necessary.
0
 

Author Comment

by:Andres_Becker
ID: 38744307
First of all, thanks you for your interest and for your response.
Yes i want to connect to my server via RDP, in other word, i want to use it as a terminal server.
I can setup the PPPoE conection as a broadband Internet connection in Windows,
and it works, and then share it using Internet Connection sharing, and it works too. But if you close the session the connection stop to working, so i thought that the best way to set up the connection and share it was via the RRAS and NAT.
I'm new in this, so, if you have a better way to do this i'm glad to listen.
I don't know how to show the NAT configuration, so i'll put her some images so you can see the configuration.
Lan and WAN are physical connections and PPPoE is "virtul" connection over WAN card generali had to set up some static routes because without these the internet doesn't workaAnd the NAT configuration
I not very sure if this images are useful for you Sebastian, so if you need something else please let me know.
Again, thanks alot for your help and have a nice day.
Best!!

Andres Becker
0
 

Author Comment

by:Andres_Becker
ID: 38744390
Hi Tbone!!!
Thanks for your answer.
No, there isn't another computer with this IP, in fact my lab only have 4 computers, the ADSL modem, in bridge mode; the server, with 2 nic's and the PPPoE conection (172.16.1.1---192.168.1.254, and PPPoE ip 201.99.39.49); a switch (very simple without ip); and one computer, with the ip 192.168.1.50.

Indeed, i can connect via Remote Desktop Connection from the pc (192.168.1.50) of my LAN without problems. So you are right, i think that is more a routing and/or NAT problem.

If you need more information please let me know.

Have a nice day Tbone and thanks alot for your help.
Best!!

Andres Becker
0
 

Author Comment

by:Andres_Becker
ID: 38744551
Hi Totallytonto!!!
Thanks for your answer.

First of all thank you for your advices, in fact i dont pretend to leave the firewall open and respondn to PINGs, but because I am setting up the server and doing tests I have the firewall open. I want that my server responds to PINGs from the internet because that tell me that I can have access to the server from internet and then conect to the server via RDP, once I get that I will disable the PINGs and close the firewall.
Yes, i have the correct ip configured in my PPPoE connection.
Yes, i can access to my server via RDP from one of the LAN PC and i can even ping my server from the LAN pc.
In fact, i can setup the PPPoE conection as a broadband Internet connection with the windows wizard (but that isn't what i want), and it works, and i even can access to my server from internet via RDP.

I tried to enable the remote desktop connection of the v irtual PPPoE interface in the RRAS without results, as you can see in the image.
i'm not very sure about the Private Direction (that is the ip of the WAN card), i tried even with the public ip 201.99.39.49 but again without results.
i'm not very sure about the Private Direction (that is the ip of the WAN card), i tried even with the public ip 201.99.39.49 but again without results.

Again, thank you a lot for your help and if you have another advice or you need more information please let me know, have a nice day!!
Best!!

Andres Becker
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 27

Expert Comment

by:Steve
ID: 38745394
have you checked the interfaces enabled in rdp settings?

RDP only works n interfaces selected and the PPP one may not be included by default.
0
 

Author Comment

by:Andres_Becker
ID: 38745570
Hi Totallytonto!!
Thanks for the advice, i was checking what you told me but i can't find where to add a interface to the RDP configuration. I tried to set up the RDP of the PPPoE connection on the NAT, as you can see in the above image (of the above comment), but without results.
Maybe is the internal direction, i don't know... But i think that if i can make my server to respond to PINGs from internet i'll be able to connect to the server.

If you have another suggestion or advice i would glad to listen, and if you need more information please let me know.

Have a nice day and weekend.
Best!!

Andres Becker
0
 
LVL 27

Expert Comment

by:Steve
ID: 38746390
administrative tools > remote desktop services > remote desktop services host configuration

Under connections, right click RDP-TCP and the go to the interfaces tab. this is the list of interfaces/IPs that RDP is accepting connections on.
0
 

Author Comment

by:Andres_Becker
ID: 38747301
Hi Totallytonto!!
I did what you tell me and no, the interface is not in that list (as you can see in the image below).
the blue dialog means: all the network adapters configured with this protocol.
The worst part is that there isn't any option to add another interface, only the two physical interfaces.
as you can see
May be because the PPPoE is a virtual interface... i don't know, the strange is why i can connect to the server via RDP and even ping it from internet if i set up the PPPoE as a broadband connection with the windows wizard and i can not if i set up the PPPoE conection with RRAS.
At this point i don't know what else i can do, any other idea Totally???
Thank you for your time and dedication, and again, if you need any other information please let me know, have a nice weekend!!!
Best!!

Andres Becker
0
 

Accepted Solution

by:
Sebastianpervan earned 500 total points
ID: 38750000
Hi Andres,

It doesn't really help me, because it's not in English... :)
But I belive it is a routing/nat issue and would recommend that you troubleshoot that part.

One thing I would suggest to you is a little different configuration.
1. Drop PPPoE, it's pain in the ass :)
2. configure static IP address on your modem (or if that is not an option, use DYNDNS service to bind DNS name to your modem dynamic IP address)
3. create port forwarding on modem for RDP to your server (or do static NAT on your modem if it allows you) - you can also forward any other port if you need, i.e. port 1723 for VPN connections, etc...

Hope it helps,
Sebastian


I think it is much better and more flexible approach for what you can do with it.
0
 
LVL 27

Expert Comment

by:Steve
ID: 38754144
Yep, thought so. You cannot set RDP to respons on a PPP interface. it's not supported.
0
 

Author Comment

by:Andres_Becker
ID: 38755691
Thanks alot for all your comments and recommendations. Especially for Totallytonto and Sebastaian.
At the end the best way to do my configuration was as Sebastian said, ah yes, the ppp configuration in RRAS is a really pain in the ass ;-) and the simplest way to do something is always the best.
So, have a nice day and again thanks for your help.
Best!!

Andres Becker
0
 

Expert Comment

by:Sebastianpervan
ID: 38756674
Thanks Andres, glad I could at least point you in the right direction ;)
Cheers!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now