Nova Consult ApS
asked on
Server 2012 R2 RDS NAT disconnects
Hello
I have some Server 2012 R2 that i use for RDS (remote desktop)
when i use it internal it works perfectly, and if i connect to wan with default port 3389 it works perfectly also
but if i make the NAT from lets say port 3399 to 3389 (internal) it connects but after 1-3 min it disconnects again.
i have done this :
1. server have ip 192.168.123.21
2. in firewall / router make a firewall rule to allow traffic from wan to lan port 3389
3. in firewall / router make NAT that point port 3399 to 3389 internal
I have some server 2008 R2 internal to and port 3394 => 3389 works on them,
and if i use port 3389=>3389 server 2012R2 works fine to, it is only Server 2012 r2 on different NAT port that disconnects
i get pictura and can work for about 1-3 min
Hope someone have some help here :-)
Best regards
Anders Klausen
I have some Server 2012 R2 that i use for RDS (remote desktop)
when i use it internal it works perfectly, and if i connect to wan with default port 3389 it works perfectly also
but if i make the NAT from lets say port 3399 to 3389 (internal) it connects but after 1-3 min it disconnects again.
i have done this :
1. server have ip 192.168.123.21
2. in firewall / router make a firewall rule to allow traffic from wan to lan port 3389
3. in firewall / router make NAT that point port 3399 to 3389 internal
I have some server 2008 R2 internal to and port 3394 => 3389 works on them,
and if i use port 3389=>3389 server 2012R2 works fine to, it is only Server 2012 r2 on different NAT port that disconnects
i get pictura and can work for about 1-3 min
Hope someone have some help here :-)
Best regards
Anders Klausen
ASKER
Hello David
Yes you understand me correctly :-)
i'm using a Zyxel USG 50 as my firewall, and i have a server 2008 R2 behind the same firewall,
and there port 3394 works from outside, so i dont think it is my firewall.
maybe i need to add that i have 3 2012 R2 server with this problem and 2 2008 R2 with no problem
the 2 2012 R2 is virtual servers in hyper-v and the last 2012 R2 is the Hyper-v server, and all3 makes this error
/Anders Klausen
Yes you understand me correctly :-)
i'm using a Zyxel USG 50 as my firewall, and i have a server 2008 R2 behind the same firewall,
and there port 3394 works from outside, so i dont think it is my firewall.
maybe i need to add that i have 3 2012 R2 server with this problem and 2 2008 R2 with no problem
the 2 2012 R2 is virtual servers in hyper-v and the last 2012 R2 is the Hyper-v server, and all3 makes this error
/Anders Klausen
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would highly recommend deploying the Remote Desktop Gateway features on at least one of your RD Servers. RD Gateway greatly improves the security and connectivity experience with Remote Desktop to servers. https://technet.microsoft.com/en-us/library/dd983941(v=ws.10).aspx has instructions. When you deploy that properly, Remote Desktop will function over port 443 instead of the normal RD Ports (Though the Remote Desktop Client requires a little additional setup). That might not fix your problem, but it is an option for you.
Also make sure the Remote Desktop servers aren't set up to disconnect sessions. You can do this with a group policy object that deploys the session host settings in Computer Configuration\Windows Components\Remote Desktop\Remote Desktop Session Host
Also make sure the Remote Desktop servers aren't set up to disconnect sessions. You can do this with a group policy object that deploys the session host settings in Computer Configuration\Windows Components\Remote Desktop\Remote Desktop Session Host
ASKER
Thx Alot, the problem was the Zyxel firewall , i tried a different port ( one of the one that worked on server 2008) and they worked. i need to talk to zyxel to hear why my setup is not working it is strange
Best regards
Best regards
If I understand you correctly you have a scenario where the 2012 RDP server can be connected to on port 3389 without interruption, both locally and remotely. The problem only occurs when you set a port translation rule on your firewall directing 3399 external to 3389 internal. This would suggest that the problem is with either your firewall configuration, or your firewall itself. Can I ask what you are using as a firewall?
Kind regards,
David