• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 473
  • Last Modified:

Server 2008r2 Terminal Server only accepting local connections

The local LAN and Terminal Server recently underwent a internal IP address conversion but it was working for a couple days after the fact.  Then suddenly yesterday it started only accepting LAN addresses.  Anyone connecting from another site or externally to the company receives the error.  "Remote Desktop can't connect to the remote computer for one of these reasons:"

So, Immediately I think Firewall.  The firewall is disabled on the terminal server.  All profiles, domain, private and public profiles are off.  Then I think it must be the perimeter firewall, but if that were the case then the remote site should still work.  I did check the perimeter firewall as well and the security and nat policies are correct.

I did several telnet tests externally and I can see the traffic going through the firewall fine.  However, nothing shows up in the event logs on the terminal server for these connections.  So the traffic does not look to be making it to the server at all but I can't find what that would be.

There is a server based AV running (kasperski) but it doesn't have a firewall component installed.  I have tried disabling that as well without any change.

I can't figure this out!!
0
-Darvin-
Asked:
-Darvin-
  • 2
1 Solution
 
-Darvin-Author Commented:
I have since uninstalled kasperski and enabled / disabled the windows firewall service with no changes in behavior.
0
 
-Darvin-Author Commented:
I FINALLY found the solution to this problem!  I was checking connectivity on the server and it said it had internet access but I found I was unable to ping external addresses by name or IP.  I can hardly believe none of the internal users mentioned that internet access was down from that server but it was.

I checked the network connection and all seemed well.  The static address, DNS and gateway were all correct.  The network and sharing map showed we did have internet access but in fact did not.

IPConfig /all showed the problem.  In the default gateway area two addresses were listed 0.0.0.0 and our normal gateway below.

I did route delete 0.0.0.0 to remove it and it did but also removed our normal default gateway.  I re-assigned that back to the nic.  I was then able to ping external names and addresses as well as connect normally.

Hope this helps someone else because it made me miserable.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now