Re: RD works on LAN not across Internet

I have a similar problem. RD works fine within my LAN but not across the
Internet.

I turned off Windows Firewall and NIS on all computers. Going to
www.canyouseeme.org still does not see my host computer, or any other
computer for that matter. I tried forwarding the 3389 to each individual
PC's and none worked.

Strange thing I see happening. Even with all the firewalls turned off, when
I run Symantec's security check everything checks as secured... how can this
be?

Eduardo

"Sooner Al [MVP]" wrote:

> If you setup port forwarding for TCP Port 3389 on your router to the private LAN IP of the PC you
> want to connect to remotely using Remote Desktop, then run this test...
>
> http://www.canyouseeme.org/
>
> If it fails then you have an issue with port forwarding on the router.
>
> --
>
> Al Jarvi (MS-MVP Windows Networking)
>
> Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
> The MS-MVP Program - http://mvp.support.microsoft.com
> This posting is provided "AS IS" with no warranties, and confers no rights...
>
>
> "mobief" <mobief@xxxxxxxxxxxxxxxxxxxx> wrote in message
> news:xAU8e.68275$YC4.4788260@xxxxxxxxxxxxxxxxxxxxxxxx
> >I think I have the same problem... somebody does solve it ?
> >
> >
> > "Jim Johnson - Serenity Consulting" <JimJohnsonSerenityConsulting@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
> > in message news:B0457AE0-AB4C-4B38-9022-5A56D44AD5D8@xxxxxxxxxxxxxxxx
> >>I was using a static IP behind the router, and yes the public IP was
> >> verified. I have verified that the Windows Firewall's scope for Remote
> >> Desktop includes all computers, even those with public IP addresses. No
> >> policies have been implemented on the host. My attempted login is with an
> >> administrator group account (actually the same account to which I login
> >> locally).
> >>
> >> For last test, I physically by-passed the router altogether and connected
> >> the host directly to the DSL modem - along with changing the host's IP
> >> settings to fully use DHCP to access the Internet. In other words, the host
> >> is no longer part of the LAN (and no other PC on the LAN can connect to the
> >> Internet).
> >>
> >> I *still* cannot make a RD connection across the Internet. Both my former
> >> ISP (Charter Cable) and my new ISP (SBC/Yahoo DSL) claim they do not block
> >> port 3389. However, using web-based port checking tools, my PC cannot be seen
> >> at port 3389. I *am* able to successfully ping the public IP address of the
> >> host across the Internet.
> >>
> >> So, within a LAN using private IP addressing, RD works fine. Using a direct
> >> connection to the Internet (no local router in the circuit) and public IP
> >> addressing, RD fails.
> >>
> >> By the way, I had also tested using the router and port forwarding to a
> >> static private IP address (no changes from what used to work), AND disabling
> >> all software firewall protection at the host (relied on the router's
> >> firewall). The result was identical.
> >>
> >> *Something* within the host simply does not like doing RD across the
> >> Internet. I am leary of dredging up a SP1 copy of trmserv.dll - but may
> >> experiment if no one has a better suggestion.
> >>
> >> thanks,
> >>
> >> Jim Johnson
> >>
> >>
> >> "Sooner Al [MVP]" wrote:
> >>
> >>> Well, if you can connect to the Remote Desktop host across your LAN then its obviously an issue
> >>> with
> >>> port forwarding through your firewall/NAT/router device or an addressing issue.
> >>>
> >>> What router? Are you using a static IP for the PC on your LAN? Are you calling the correct
> >>> public IP
> >>> for the router?
> >>>
> >>> There is some troubleshooting help on this page...
> >>>
> >>> http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.html
> >>>
> >>> --
> >>>
> >>> Al Jarvi (MS-MVP Windows Networking)
> >>>
> >>> Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
> >>> The MS-MVP Program - http://mvp.support.microsoft.com
> >>> This posting is provided "AS IS" with no warranties, and confers no rights...
> >>>
> >>>
> >>> "Jim Johnson - Serenity Consulting" <JimJohnsonSerenityConsulting@xxxxxxxxxxxxxxxxxxxxxxxxx>
> >>> wrote
> >>> in message news:A15029FE-AFA4-46B9-A04F-E3807A59A459@xxxxxxxxxxxxxxxx
> >>> > Running XP Pro SP2 on both host (desktop) & client (laptop). Windows Firewall
> >>> > running on host, Remote Desktop enabled through System Properties and users
> >>> > assigned (I've also verfied that the Firewall allows exceptions and Remote
> >>> > Desktop is checked, and the 'Advanced' tab shows Remote Desktop enabled and
> >>> > pointing to itself by computer name).
> >>> >
> >>> > Remote Desktop works flawlessly when connecting within the LAN.
> >>> >
> >>> > At one time RD worked just fine across the Internet using port forwarding
> >>> > through my router. Now it refuses to connect across the Internet.
> >>> >
> >>> > I've tried numerous things, up to and including switching from cable to DSL,
> >>> > rebuilding the router settings after doing a factory reset - - and even
> >>> > by-passing the router and connecting the host directly to the DSL modem.
> >>> >
> >>> > I can ping the host PC without problem, so I know I've got the correct IP
> >>> > address.
> >>> >
> >>> > I've seen suggestions for rolling the terminal services .dll on the host
> >>> > back to the SP1 version. Before doing that, is there something I've missed?
> >>> > For example, an MS Hotfix?
> >>>
> >>>
> >>>
> >
> >
>
>
>
.

Relevant Pages

  • RE: Firewall / Internet Gateway Config Fails
    ... in the address of it's internet address so it can be routed on the net. ... Firewall / Internet Gateway Config Fails ... configured correctly shouldn't the lan clients be able ...
    (RedHat)
  • Re: Internet Connection Firewall
    ... You actually might want to keep the firewall on in a lan environment. ... TCP 445 - SMB over TCP ... > The built-in firewall is designed to be used only on a direct> connection to the Internet, not on any internal LAN connections. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: internal IP exposure
    ... If you are speaking of "AuditMyPC", they use Java (not JavaScript) to fetch ... even for a computer with a direct Internet connection. ... If you could successfully ping 192.168.102.100, either you have set your LAN ... IP address the same as mine, and are seeing one of your computers, or you ...
    (microsoft.public.security)
  • Re: Is it practicable to share an internet connection w/o setting up a network?
    ... was the only one who wanted the broadband cable internet so I've been ... way of doing that without linking our computers together. ... You can set up a wireless router in Client Isolation mode. ... Also, like a previous poster mentioned, if you use a firewall to block ...
    (alt.internet.wireless)
  • Re: Remote Desktop failing acces from the internet
    ... You may want to try NAT one to one on port 3389. ... I'm trying to help a friend of mine with the following problem: Remote Desktop cannot access computers from the Internet. ... The only strange thing I have noticed is that the network admin has enforced some group policies on the computers belonging to the domain; as a result some exceptions on the firewall, the firewall service itself, plus some other domain-controlled services aren't modifiable. ...
    (microsoft.public.windowsxp.work_remotely)