Access to RDP Server from outside shows IIS7 Page from SBS Server

Posted on 2013-06-30
Last Modified: 2013-06-30
Hi all,

We've got a client with 5 2008 Servers and a new 2011 SBS server which we have just installed and created a new domain.  We've joined all other 2008 servers to the domain and kept all IP addresses the same as before (the new SBS box was given the IP address of the old SBS box).

The firewall (Watchguard) has not been changed as all IP addresses remain the same but we have an issues access the Remote Desktop Server which we used to access via  All we get now is the IIS7 splash screen which I assume is the 2011 SBS box.

Can anyone please help as to how we can get remote access to the remote server and stop the SBS box from responding?


Question by:amlydiate
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 12

Expert Comment

by:Henk van Achterberg
ID: 39288159
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39288163
Did you enable Windows Authentication under Authorization settings in IIS, normally to be found under the SBS Web Applications -> RPC virtual web site ... or something, can't really be more precise without seeing it in front of me (no SBS here).
LVL 77

Expert Comment

by:Rob Williams
ID: 39288194
Use httpS:
hettp will return that page, however port 80 should not even be open.

Makes sure also rdpserver is the correct prefix used by the "set up ypur internet address" wizard.  The default is remote, if you changed it under the "advanced" option that is OK.

This should then take you to the RWA page which will then give you access to the TS/RDS server.
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.


Author Comment

ID: 39288233
Hi Guys sorry I think I didn't quite explain the issue properly. The RDP server we are trying to connect to is not RDP through RWW on the SBS box but a separate server altogether running 2008 Server.  External DNS points to the internet IP address of the remote server and the IP address of that server is the one the firewall is pointing to (as none of the IP addresses have changed)



Author Comment

ID: 39288255
Thought I'd give you some additional information which I think is relevant.

I had to rekey the old UCC SSL certificate which was installed on the old SBS server so that I could set it up on the new server.  I noticed that one of the alternative names on the old certificate was so I made sure I added that to the newly keyed certificate and installed that on the new server.  When I try to log on to I now get a "There is a problem with the website's security certificate" and I can't progress any further.  I also get an error when I try to RDP onto the remote server from inside the network and get the error "Your remote desktop connection failed because the computer cannot be authenticated. The certificate has been revoked and is not safe to use"

So I'm assuming it's an SSL problem but don't know what to do next, I'm guessing I can't install the UCC certificate on the SBS box onto the remote server as well....?
LVL 77

Accepted Solution

Rob Williams earned 500 total points
ID: 39288263
I am not quite sure how you would proceed from here.

An SBS 2008/2011 network makes use of the TS Gateway service.  As a result the normal method to connect to the RDP server would be to insall a single name cert on the SBS using the wizard, as per:

Once done you would either connect to the SBS site using (or your custom prefix) and then using RWA connect to the TS/RDS server.....

Or, connect directly to the TS/RDS server using  the RDP client and configure the TSgateway option under advanced.

Using a UCC certificate should make your configuration work, but UCC certs on SBS are not a documented procedure, though it can be done.  Alternatively, do you have 2 public IP's?  If so you could use a separte IP and cert on the TS/RDS server.

Perhaps someone else can advise on the correct procedure for installing a UCC cert, if you would like to go that way.  Be careful though, incorrectly installing the certificate can 'break' other SBS services.

Author Closing Comment

ID: 39288286
Thanks Rob Will have raised a new question now that I think I know where the issue lies (28171836) will award points to you for your help so far.
LVL 77

Expert Comment

by:Rob Williams
ID: 39288292
Thanks amlydiate.  Sorrry I was not much help.  There should be no need to install a cert on the TS itself as it is accessed through the TS Gateway service on the SBS, even if directly.  If you are making use of TS Web Aps, even that is accessed through the TS Gateway.  The following may be of some help.

All the best.

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
Let’s list some of the technologies that enable smooth teleworking. 
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question