Albatross1953
 asked on

ZyWall Remote Desktop

I'm fighting a Zywall USG 100 firewall that will not connect Remote Desktop from a remote computer to a computer on the domain behind the firewall. I can't ping the firewall from outside of the LAN, but I can ping out OK. I can open an IPSec VPN tunnel with ZyXel IPSec VPN Remote Client but nothing happens. I have tried using networks with different network schemas. I created an object/address, NAT & firewall rule. I created an RDP service for port 3389, but then found that the USG 100 has a remotelogin on port 513. I don't know if that has a different purpose. I haven't been able to get a complete set of instructions, so I can't be positive that all the settings are correct. The user manual is not completely clear about configuration for a static domain network with a dynamic remote client. I've been losing time on this for 2 weeks & it has to be finished. Any help is appreciated.
Remote Access, VPN, Hardware Firewalls

Last Comment
Perarduaadastra

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
lruiz52

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
Albatross1953

ASKER
I followed those steps. Still no ping or connection.
Albatross1953

ASKER
I added the LAN IP address of the computer on the office network to the Remote Sharing tab on the VPN Client. I can connect through that & navigate to a login screen, but when I enter her domain login username & password I get the error:

The security database on the server does not have a computer account for this workstation trust relationship.
Perarduaadastra

The inability to ping the Zywall from outside is probably because the feature is turned off by default. It will probably be a check box labelled Respond to Pings or Ignore ICMP Requests, or similar.

The remote login may be to manage the unit from the internet, rather than from the LAN.

If I understand your question correctly, you're trying to establish an RDP connection over a VPN link. Have you tried connecting with RDP directly, that is, without using a VPN? Also, have you verified that the LAN target host is actually listening on 3389? It's not uncommon for the default port to be changed, and more common for such a change to be undocumented... You can check it in the target computer's registry by browsing to this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

In the right pane scroll down to PortNumber - the decimal value (in brackets) is the port number on which the machine is listening for RDP connections. If you change it, you will need to reboot the computer for the change to take effect.
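
The registry check described in this answer, as an added example that is not part of the original post: a PowerShell script that reads PortNumber from that key and confirms something is actually listening on it. It assumes it is run locally on the target PC in an elevated session; the fDenyTSConnections check and the netstat fallback are additions that go beyond what the post describes.

```powershell
# Added example: run on the RDP target PC, elevated. Not from the original post.
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'

# PortNumber is a DWORD; PowerShell returns it as a decimal integer.
$port = (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber

# fDenyTSConnections = 1 means Remote Desktop is switched off on this machine.
$deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections

# Is a TCP listener really bound to that port?
if (Get-Command Get-NetTCPConnection -ErrorAction SilentlyContinue) {
    $hits = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
    $listening = [bool]$hits
} else {
    # Older systems (Windows 7 / Server 2008 R2) lack the cmdlet: parse netstat.
    # Assumes English output, where the state column reads LISTENING.
    $hits = netstat -ano -p tcp | Select-String -Pattern ":$port\s+\S+\s+LISTENING"
    $listening = [bool]$hits
}

# New-Object keeps this compatible with PowerShell 2.0.
New-Object PSObject -Property @{
    RdpPort       = $port
    IsDefaultPort = ($port -eq 3389)
    RdpEnabled    = ($deny -eq 0)
    Listening     = $listening
}

if ($port -ne 3389) {
    Write-Warning "RDP is on port $port, not 3389. The firewall service object, NAT rule and firewall rule must use $port."
}
if ($deny -ne 0) {
    Write-Warning 'Remote Desktop is disabled on this computer (fDenyTSConnections is not 0).'
}
if (-not $listening) {
    Write-Warning "Nothing is listening on TCP $port. Check that the Remote Desktop Services service is running."
}
```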
Perarduaadastra

Ah, that's new information...

How was the machine added to the domain? What version of Windows Server is being used? It sounds as though there is a corrupt, damaged, or missing computer domain account, as opposed to a user account.
Albatross1953

ASKER
I enabled echo. It still doesn't connect through the Remote Desktop app, but when I click on it in the VPN Client, it goes through Remote Desktop automatically. But I use the public IP when I try to go directly through Remote Desktop. The VPN Client uses the LAN IP of the PC. I don't care if it only works that way. She is the only person that will have remote access.

The office computer functions normally on the domain. It was added through the Users folder on the server, which is running MS Server 2008 R2. It had a problem logging on previously with a similar error message & I had to manually add it to the security agreement (?) folder.
SOLUTION
Perarduaadastra

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.