Solved

Access to RDP Server from outside shows IIS7 Page from SBS Server

Posted on 2013-06-30
8
1,267 Views
Last Modified: 2013-06-30
Hi all,

We've got a client with 5 2008 Servers and a new 2011 SBS server which we have just installed and created a new domain.  We've joined all other 2008 servers to the domain and kept all IP addresses the same as before (the new SBS box was given the IP address of the old SBS box).

The firewall (Watchguard) has not been changed as all IP addresses remain the same but we have an issues access the Remote Desktop Server which we used to access via http://rdpserver.domain.com.  All we get now is the IIS7 splash screen which I assume is the 2011 SBS box.

Can anyone please help as to how we can get remote access to the remote server and stop the SBS box from responding?

Thanks

Adam
0
Comment
Question by:amlydiate
8 Comments
 
LVL 12

Expert Comment

by:Henk van Achterberg
ID: 39288159
0
 
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39288163
Did you enable Windows Authentication under Authorization settings in IIS, normally to be found under the SBS Web Applications -> RPC virtual web site ... or something, can't really be more precise without seeing it in front of me (no SBS here).
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39288194
Use httpS:
hettp will return that page, however port 80 should not even be open.

Makes sure also rdpserver is the correct prefix used by the "set up ypur internet address" wizard.  The default is remote, if you changed it under the "advanced" option that is OK.

This should then take you to the RWA page which will then give you access to the TS/RDS server.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:amlydiate
ID: 39288233
Hi Guys sorry I think I didn't quite explain the issue properly. The RDP server we are trying to connect to is not RDP through RWW on the SBS box but a separate server altogether running 2008 Server.  External DNS points remoteserver.domain.com to the internet IP address of the remote server and the IP address of that server is the one the firewall is pointing to (as none of the IP addresses have changed)

Thanks

Adam
0
 

Author Comment

by:amlydiate
ID: 39288255
Thought I'd give you some additional information which I think is relevant.

I had to rekey the old UCC SSL certificate which was installed on the old SBS server so that I could set it up on the new server.  I noticed that one of the alternative names on the old certificate was remoteserver.domain.com so I made sure I added that to the newly keyed certificate and installed that on the new server.  When I try to log on to https://remoteserver.domain.com I now get a "There is a problem with the website's security certificate" and I can't progress any further.  I also get an error when I try to RDP onto the remote server from inside the network and get the error "Your remote desktop connection failed because the computer cannot be authenticated. The certificate has been revoked and is not safe to use"

So I'm assuming it's an SSL problem but don't know what to do next, I'm guessing I can't install the UCC certificate on the SBS box onto the remote server as well....?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 39288263
I am not quite sure how you would proceed from here.

An SBS 2008/2011 network makes use of the TS Gateway service.  As a result the normal method to connect to the RDP server would be to insall a single name cert on the SBS using the wizard, as per:
http://blog.lan-tech.ca/2012/05/17/sbs-2008-2011-adding-an-ssl-certificate/

Once done you would either connect to the SBS site using  remote.domain.com (or your custom prefix) and then using RWA connect to the TS/RDS server.....

Or, connect directly to the TS/RDS server using  the RDP client and configure the TSgateway option under advanced.

Using a UCC certificate should make your configuration work, but UCC certs on SBS are not a documented procedure, though it can be done.  Alternatively, do you have 2 public IP's?  If so you could use a separte IP and cert on the TS/RDS server.

Perhaps someone else can advise on the correct procedure for installing a UCC cert, if you would like to go that way.  Be careful though, incorrectly installing the certificate can 'break' other SBS services.
0
 

Author Closing Comment

by:amlydiate
ID: 39288286
Thanks Rob Will have raised a new question now that I think I know where the issue lies (28171836) will award points to you for your help so far.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39288292
Thanks amlydiate.  Sorrry I was not much help.  There should be no need to install a cert on the TS itself as it is accessed through the TS Gateway service on the SBS, even if directly.  If you are making use of TS Web Aps, even that is accessed through the TS Gateway.  The following may be of some help.

All the best.
--Rob
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question