I cannot connect to Remote Desktop Services in Server 2008 r2 via the internet but no problem connecting locally.

Chris Burnett
Chris Burnett used Ask the Experts™
on
I have set up Server 2008 r2 to be a remote session host for rds. I purchased a ssl certificate and linked it to RDS and bound it to the default web site in iis 7. I created an A record for the RDS address using the wan ip address.  I opened port 3389 on the modem since that's the port rds is set to use. I still cannot connect. Any Suggestions?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017

Commented:
are you certain that your modem is the only thing between the RDS server and the Internet and there is no other firewall device? You opened port 3389 did you direct it to port 3389 and to the LAN ip of the RDS server?

Ping the default gateway from your RDS server, get the MAC address arp -a ip_of_default_gateway and compared it to the device manufacturer based in MAC address, then make sure it matches the modem on which you made the change.

An easier way is to look at the modem to see what LAN IPs it has versus what the ip on the system is.

The confusing part of your comment, you mentioned you placed the cert in/on iis.

Author

Commented:
I pinged the default gateway and I was able to reach it. The Mac address is the right one for the modem as well. What I meant when I said I put the cert in IIS was I binded the certificate to the default web site in IIS.  That is necessary because RDS uses IIS to function. Correct me if I am wrong on that.

Author

Commented:
I think the problem may be a DNS issue. It seems like my RDS information is not populating DNs servers on the web. I created an A-Record for my Rds site but still nothing.
Acronis in Gartner 2019 MQ for datacenter backup

It is an honor to be featured in Gartner 2019 Magic Quadrant for Datacenter Backup and Recovery Solutions. Gartner’s MQ sets a high standard and earning a place on their grid is a great affirmation that Acronis is delivering on our mission to protect all data, apps, and systems.

Distinguished Expert 2017

Commented:
I think RDP uses its own certficate.

Here is a link, there is a powershell command to run to see whether your RDP service reflects the SSL certificate.

I do not believe IIS is the correct location to load the cert.

Author

Commented:
I did associate the certificate with RDS. I can check the RdS management console and see that it  is using the right certificate. I really don't think that my Dns is propagating with servers on the wan. What can I do to make that happen. Is there a certain host record that should be in place?
Distinguished Expert 2017

Commented:
The change addition of the host has to be done on the revord that is public.  There is no way without you disclosing the name of your domain.  You can use betterwhois.com enter your domain and it will reflect the registration revord at the bottom of which you will see the name servers and presumably that will indicate to you who the registrar is and where you need to go to add the host.


Can you externally connect to RDS using the wan IP bypassing the need for other modifications.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial