Remote Desktop Issue

OK the problem I have is.......

I can login remotely to Server1 from my laptop

User is unable to login from Site A to remote Server1.

User is able to remote login to Site B ok to there Server 2 (this is the same with 8 other remote site servers they have)

If I remote login to Server 2 then rdp from there to Server1 it works ok.

No computer at Site A can remote to Server1, but 8 other rdps work ok from Site A to different sites.

Error msg is 'Remote desktop cant connect to the remote computer'.

All servers are Server 2003.

Usernames password are not a issue.
Keith OwenAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DLeaverCommented:
Sounds like a riddle!

Have you checked the permissions?

If Server 1 is accessible via your laptop and from another server then it would suggest you have permissions on your account to RDP but the other users have not been enabled to RDP on to this particular server.

Check the Remote connection permissions policy or ensure that the server is added to the same OU as the other RDP servers in order to allow the specified RDP users
0
Keith OwenAuthor Commented:
Ha yeh tell me about it!!

Had a check and everything looks ok.

It doesn't even get to the point of asking for username or password, its like the router is just blocking the connection from Site A.

Forgot to mention that this has been working in the past but just stopped for no reason. Nothing has been changed.

Just does not make sense!
0
KimputerCommented:
If you use:
telnet server1_ip 3389
and the result is something like: Could not open connection to the host
Then it's definitely a firewall issue.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

DLeaverCommented:
When you say it works from your laptop, is that from site A?  If yes then a firewall/router issue is still a possibility, but it would be an odd fault rather than a misconfiguration.  If no then definitely try Kimputers suggestion above.

If it is the latter then I would confirm the outgoing ports on the firewall/router, do you have access to this?  Is it possible somebody may have adjusted the config?

Is connectivity up between these two sites?  Assume you have pinged from Site A?.....
0
Keith OwenAuthor Commented:
Thanks for the reply guys. I will try once I get a moment

All sites have separate Servers and networks (10 in all) Head office uses Remote desktop to login to each site to the Server.

All work but 1 site, it does not even make a connection, my laptop located offsite can connect ok. None of the machines can access this server from head office.

They all use the same user / password for each server (10 in all) If i use same details it works.

Kimputer - I can login from my laptop and from any other of the 9 Servers to this site, just head office will not even connect nevermind ask for user/password.

Thanks again
0
KimputerCommented:
As I said, in the head office:

telnet server1_ip 3389
and the result is something like: Could not open connection to the host
Then it's definitely a firewall issue

Firewall issue could be in firewall in head office or at the server though.
0
Keith OwenAuthor Commented:
Hi,

Ok tried this and the result was 'could not open connection to host.

Cant see  it being a firewall issue on the target server as it lets me in and 9 other connections from there other servers in.

Maybe Head office then?
0
KimputerCommented:
Firewall might have some unique rules (blocking IP number/range), but also, usually there's a firewall at the source, and at the destination. Therefore you have to investigate at both sides.
To distinguish if it's a protocol block or IP range block, you can try to access other things on the server (like FTP, www). If you can't access those either, it's an IP block. If you CAN access other services, it's a service block (still doesn't bring you closer to a solution though, you still need to investigate both sides, but at least you know a bit more on how the rule looks like)
0
Keith OwenAuthor Commented:
Ok thanks for the info, I will have a play.
0
DLeaverCommented:
OK, so no access at all from HO.

I would run through the following

1. From HO run the telnet again but against server 2, this will prove without doubt that outbound traffic is allowed out of your network on 3389.
2. Confirm on the HO firewall that traffic is allowed out (source) to the Server 1 site (destination).  As Kimputer suggests, testing other services is a good idea too, as if these work then you would just need to add 3389 to that allowed service list and you are done.
3. Confirm on the Server 1 site firewall that the HO subnet is allowed to send traffic inbound on 3389

* I questioned how these sites are connected previously.  If you RDP over the WAN then points 1-3 are sufficient to locate the issue.  If they are connected via VPN then you may need to go a step further and ensure that the correct subnets are added to the allowed list on either ends of the VPN tunnel.
0
Keith OwenAuthor Commented:
Ok I reset the router at the host and started from scratch and all worked ok, maybe something went a miss with the router.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DLeaverCommented:
Up to you but myself and Kimputer both suggested it was a potential firewall issue....
0
KimputerCommented:
Clearly the firewall was configured incorrectly, and by resettings and starting over, you somehow got the configuration correct this time.
0
Keith OwenAuthor Commented:
The firewalls were turned off and still no connection were made so that is what made me think the router at host site was playing up.
0
KimputerCommented:
Yes, sometimes (but not often) that can happen. Better get a configuration backup now, as it might happen again in the future.
0
Keith OwenAuthor Commented:
Good call on that, thanks
0
Keith OwenAuthor Commented:
I tried multiple ways to resolve the issue and in the end I just changed the router which worked.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.