2012 Essentials Remote Web Access unable to connect to a computer on the network
I have a newly installed 2012 Essentials server that is replacing a 2003 server. Not a migration but a clean install.
Access Anywhere was set up with a cert built from cacert.org. It lists the proper domain name in the subject as remote.domainname.com.
We can connect to https://remote.domainname.com and log in with no problem. We can access folders and documents from the home page. It all works great.
Problems occur when trying to access computers on the network. It just never finds its way to the network. I see all the traffic for the remote access until we launch the computer connection and then there is nothing. The error that the computer can't connect comes up which isn't helpful. There are no logs anywhere.
What I have determined is:
How can I get the remote desktop to launch from the access anywhere website? Does anyone understand how it can launch with a computer name from that page and the remote machine have a clue how to route to the remote network?
Access Anywhere was set up with a cert built from cacert.org. It lists the proper domain name in the subject as remote.domainname.com.
We can connect to https://remote.domainname.com and log in with no problem. We can access folders and documents from the home page. It all works great.
Problems occur when trying to access computers on the network. It just never finds its way to the network. I see all the traffic for the remote access until we launch the computer connection and then there is nothing. The error that the computer can't connect comes up which isn't helpful. There are no logs anywhere.
What I have determined is:
I can connect via vpn and open a static IP connection to any target machine with no problem.
No connection can be made to any computer using the RD Gateway configured in web access.
When the remote access site attempts a connection it uses the computer name and not an IP address. This is why I think it just fails because the names of the computers aren't in any DNS that my local machine has direct access to in any way without the VPN connection or list from remote access web page.
When selecting a computer to connect to it opens a pre-built rdp file and nothing I change in an rdp session let's me connect without the private IP address instead of using the computer name.
No connection can be made to any computer using the RD Gateway configured in web access.
When the remote access site attempts a connection it uses the computer name and not an IP address. This is why I think it just fails because the names of the computers aren't in any DNS that my local machine has direct access to in any way without the VPN connection or list from remote access web page.
When selecting a computer to connect to it opens a pre-built rdp file and nothing I change in an rdp session let's me connect without the private IP address instead of using the computer name.
How can I get the remote desktop to launch from the access anywhere website? Does anyone understand how it can launch with a computer name from that page and the remote machine have a clue how to route to the remote network?
I can't use web access on 2012 internally because the cert must be an external address and it will not connect without a matching cert.
I can't set up all these folks to access their machines remotely via the IP address without configuring static IPs.
I must have them able to access their desktops remotely.
I can't set up all these folks to access their machines remotely via the IP address without configuring static IPs.
I must have them able to access their desktops remotely.
Alan OBrien
Silly question maybe but have you turned on remote access on the desktops and setup the users to be allowed access to the machine remotely? Also you mention that the machines aren't in DNS, if they are not how do they hostnames resolve IP addresses etc...
ASKER
Yes, I can connect to the machines using rdp from both the internal network and by connecting with a checkpoint vpn client. They are turned on.
If you don't provide authorization for the user to access the machines they don't show up in the 2012 Access Anywhere list of computers to connect.
The DNS for the internal machine host names works fine on the local network. It is when the connect to computer is done from the Anywhere access that there is no DNS. The web page lists the computer, you click it and it launches a rdp session pointing to that hostname.
There is no way I can find that it knows how to make that connection. It fails to connect every time and I see nothing in the firewall or access logs to show it is trying to come through
If you don't provide authorization for the user to access the machines they don't show up in the 2012 Access Anywhere list of computers to connect.
The DNS for the internal machine host names works fine on the local network. It is when the connect to computer is done from the Anywhere access that there is no DNS. The web page lists the computer, you click it and it launches a rdp session pointing to that hostname.
There is no way I can find that it knows how to make that connection. It fails to connect every time and I see nothing in the firewall or access logs to show it is trying to come through
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I couldn't make that solution work and had to change to a new solution. My answer is what we did.