Solved

RDP with Server 2008 from outside network

Posted on 2015-02-16
Last Modified: 2016-03-04
I have a requirement for users to access a Server 2008 from outside my network. The server is licensed for RDP and my users can access the server from computers within the network with no problem, but when trying to access the server from outside the network the server will not allow the connection.

It is not a firewall issue, as the local firewall is turned off and I can RDP to a Server 2003 from outside the network, and I can RDP from the Server 2003 to the Server 2008 if I accessed the Server 2003 from within the network. If I try to RDP directly to the Server 2008 from outside the network, or to the Server 2003 from outside the network, I cannot then RDP to the Server 2008.

I feel like it must be a security policy issue, but I have no idea how to get around it.
Question by:DonkeyAnn
LVL 23

Expert Comment

by:yo_bee
ID: 40612494
First off, you will need to know your public IP to access this.
If you only have a single public IP, you will need to change the default RDP port on one of the servers.
By default RDP uses 3389. So if you want to access your 2008 Server via RDP, you will need to configure your router NAT for port 3389.
What this means is that when you make a call to <public IP> xx.xxx.xxx.xx using MSTSC (RDP), the call hits the router, which needs to know where to redirect the traffic.

NAT <Public:3899> to <Private:3389>
If you have multiple public addresses, you can set up multiple NAT rules for both the 2003 and 2008 servers.

Do you have multiple public addresses, and do you know the router's current settings for the 2003 Server?


Your description seems to say that you are able to access the 2003 server, but later in the description it states that you are not able to access either from the outside.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40612617
I guess you are accessing both servers on a single IP.

Your router/firewall is then unable to send traffic to the 2008 server.

As stated above, you need to configure one more rule for 2008 RDP with a custom RDP port
OR
If both IPs are different, ensure that TCP 3389 is opened from the new IP to the 2008 server

OR

The best option could be to set up an RD Gateway server in the DMZ, which can allow you to connect to multiple internal servers via a single RD Gateway server.
0
 

Author Comment

by:DonkeyAnn
ID: 40612650
No, each server has a separate IP address and I know them both.  I can access the 2003 from outside the network, but when I do, I can't RDP over to the 2008 server.
0
LVL 23

Expert Comment

by:yo_bee
ID: 40612685
So you are getting into the 2003 server from the outside via RDP, but unable to access 2008 Server while on the 2003 server, but while internally connecting to the 2003 server you can RDP to the 2008 server.

Have you set up similar rules on the router for your 2008 server as there are for the 2003 server to allow for the connection from the outside?
0
 

Author Comment

by:DonkeyAnn
ID: 40612692
Yep, they are both mapped similarly and have equal access rules.
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 40612799
As you stated you are able to access the 2008 Server directly while internal to the network?
0
 

Author Comment

by:DonkeyAnn
ID: 40613451
Yes, using RDP.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40613646
OK.
Are you able to telnet to the 2008 server IP on TCP 3389 from an Internet client machine?

If this test fails, you need to look at the firewall first.
0
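An added example (not part of the thread) that automates the telnet test suggested in the comment above and also tells a refused connection from a silently dropped one, then checks that whatever answers on the port is really an RDP listener. The function name `probe_rdp` and its result labels are made up for this illustration; run it from a client outside the network against the public address of your own server.

```python
import socket
import sys

# TPKT + X.224 Connection Request with an RDP negotiation request:
# the first packet an RDP client sends after the TCP handshake.
X224_CONNECTION_REQUEST = bytes.fromhex(
    "03000013"          # TPKT: version 3, total length 19
    "0ee00000000000"    # X.224 CR TPDU: length 14, code 0xE0
    "0100080000000000"  # RDP negotiation request, standard RDP security
)

def probe_rdp(host, port=3389, timeout=5.0):
    """Classify the path to an RDP port (labels are hypothetical).

    timeout      - packets silently dropped: firewall, missing NAT rule,
                   or no physical path to the server
    refused      - host reached, nothing listening on that port
    unreachable  - routing or name-resolution error
    open-not-rdp - TCP connects, but the peer is not an RDP listener
                   (for example a NAT rule pointing at the wrong host)
    rdp          - peer answered with an X.224 Connection Confirm
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "unreachable"
    with sock:
        try:
            sock.sendall(X224_CONNECTION_REQUEST)
            reply = sock.recv(64)
        except OSError:  # reset or no answer within the timeout
            return "open-not-rdp"
    # Byte 0 is the TPKT version, byte 5 the X.224 TPDU code (0xD0 = confirm).
    if len(reply) >= 6 and reply[0] == 0x03 and reply[5] == 0xD0:
        return "rdp"
    return "open-not-rdp"

if __name__ == "__main__" and len(sys.argv) > 1:
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 3389
    print(probe_rdp(sys.argv[1], target_port))
```

A `timeout` from outside combined with `rdp` from inside points at the path between the router and the server rather than at the server itself.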
 

Author Comment

by:DonkeyAnn
ID: 40615162
Yes, 3389 is the default port and works from inside the network. The firewall on the 2008 server is disabled while trying to resolve this problem. I am also telnetting to the 2003 server from outside and inside the network on 3389.
0
 

Accepted Solution

by:DonkeyAnn
ID: 40615800
Thanks everyone for the help; as usual it was the dumbest of things.  Another tech plugged the patch cable into the wrong port.
0
