Re: port 4125 closed on my server ?

Tech-Archive recommends: Speed Up your PC by fixing your registry

From: Jéjé (willgart_at__A_hAotmail_A_.com)
Date: 03/05/04 

Date: Fri, 5 Mar 2004 08:23:27 -0500

Ok, this is my tests:
1. Open the web from an external computer (through ISA) and open the remote
web workplace
2. Click on the "Connect to server desktop"
3. Select a computer and click connect
4. a popup error appear "Remote desktop disconnect", and I've the 4 possible
reasons
5. I don't click on the OK of the popup
6. At the SBS server level, I open a command prompt window and I type
netstat -aon | find "4125" and I see the port 4125 in listening mode
7. I click "OK" on the web, and the port 4125 is closed on my server

Second test:
1. On my server I open the Winsocktool and set it to listen on port 4125
2. on my external computer I execute telnet <external IP> 4125 and I'm
connected
3. I can type and transmit data from the 2 computers through ISA without
problem.

So, any idea?
some of my tests demonstrate that my ISA Server can create the bridge, but
with a remote desktop connection, this doesn't works.

Does I must install the firewall client on my SBS server ? (actually in a
securenat mode)
In the past, before installing the feature pack 1 of ISA Server , all works
fine.

Thanks for your help.

"Matthew Huynh (MSFT)" <mhuynh@online.microsoft.com> a écrit dans le message
de news:%23vx$$cpAEHA.3712@tk2msftngp13.phx.gbl...
> How are you verifying that the port is open? Did you do the verification
> steps of seeing end to end communication through the ISA firewall?
>
> --
> Matthew Huynh
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> "Jéjé" <willgart@_A_hotAmail_A_.com> wrote in message
> news:uEzTvFkAEHA.3256@TK2MSFTNGP09.phx.gbl...
> > oohh...
> > ok...
> >
> > When I do this, then I see a listening socket at port 4125
> >
> > internally there is no problem (or by VPN)
> > but through ISA I can't be connected (but the port is open)
> >
> > Does my server publishing rule based on port 4125 is enough?
> >
> > "MattHuynh" <matthuynh@attbi.com> a écrit dans le message de
> > news:%23KHHxNiAEHA.1796@TK2MSFTNGP12.phx.gbl...
> > > Can you check whether the TS Proxy will start a listening socket on
port
> > > 4125?
> > >
> > > On the server just logon to the RWW and connect to a server or
machine.
> > > From the command line type:
> > > netstat -aon | find "4125"
> > > Does a listening socket get generated?
> > >
> > >
> > > "Jéjé" <willgart@_A_hotAmail_A_.com> wrote in message
> > > news:%23xpjVIZAEHA.2316@TK2MSFTNGP10.phx.gbl...
> > > > thanks...
> > > >
> > > > all works fine, I can communicate without problem through the
> firewall.
> > > >
> > > > any other idea?
> > > >
> > > > "Matthew Huynh (MSFT)" <mhuynh@online.microsoft.com> a écrit dans le
> > > message
> > > > de news:%23eBVLBZAEHA.1700@TK2MSFTNGP12.phx.gbl...
> > > > > The TS Proxy (which listens on 4125) doesn't start a listening
> socket
> > > > until
> > > > > it is told to do so by the user that is requesting to connect to a
> > > server
> > > > or
> > > > > client in the list.
> > > > >
> > > > > I assume you have your web publishing rule setup correctly since
you
> > are
> > > > > able to access the RWW.
> > > > >
> > > > > Try these steps to verify that your ISA server if forwarding
> > correctly:
> > > > >
> > > > > Go to http://isatools.org and download winsocktool.msi
> > > > > Install it on the SBS server
> > > > > Launch the winsocktool
> > > > > Configure the tool for:
> > > > > Mode: Server
> > > > > Protocol: TCP
> > > > > Local address: 0.0.0.0
> > > > > Local port: 4125
> > > > > Click Listen
> > > > > On your external client open a command prompt
> > > > > type telnet <external ip> 4125
> > > > > Verify that the telnet session connected by typing some thing.
You
> > > should
> > > > > see it on the winsocktool console.
> > > > >
> > > > > This will tell us if your router is not forwarding the traffic
> > > correctly.
> > > > >
> > > > >
> > > > > --
> > > > > Matthew Huynh
> > > > >
> > > > > This posting is provided "AS IS" with no warranties, and confers
no
> > > > rights.
> > > > >
> > > > >
> > > > > "Jéjé" <willgart@_A_hotAmail_A_.com> wrote in message
> > > > > news:%23yUMw2XAEHA.2808@TK2MSFTNGP10.phx.gbl...
> > > > > > hi,
> > > > > >
> > > > > > my remote desktop doesn't work from the internet, but works fine
> in
> > > the
> > > > > > local network.
> > > > > >
> > > > > > its like if my ISA server has the port 4125 closed, but this
port
> is
> > > > open
> > > > > > and a server publishing rule redirect it to my SBS server
(because
> > my
> > > > ISA
> > > > > > Server is another server)
> > > > > >
> > > > > > From the ISA logs, I can see that a user try to be connected
> trhough
> > > the
> > > > > web
> > > > > > page (a request to the port 4125 is granted)
> > > > > > but on my SBS server there is no listener for the port 4125!!!
> > > > > >
> > > > > > a telnet command to the port 4125 say there is no listener
> > > > > > and netstat -ao says the same thing.
> > > > > >
> > > > > > So, what is the problem?
> > > > > > there is a missing program?
> > > > > >
> > > > > > thanks.
> > > > > >
> > > > > > Jerome.
> > > > > >
> > > > > >
> > > > > >
> > > > > > ---
> > > > > > Outgoing mail is certified Virus Free.
> > > > > > Checked by AVG anti-virus system (http://www.grisoft.com).
> > > > > > Version: 6.0.600 / Virus Database: 381 - Release Date:
2004-02-28
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > > ---
> > > > Outgoing mail is certified Virus Free.
> > > > Checked by AVG anti-virus system (http://www.grisoft.com).
> > > > Version: 6.0.600 / Virus Database: 381 - Release Date: 2004-02-28
> > > >
> > > >
> > >
> > >
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.600 / Virus Database: 381 - Release Date: 2004-02-28
> >
> >
>
> 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.595 / Virus Database: 378 - Release Date: 2004-02-25

Relevant Pages

  • RE: ISA access rules, help
    ... please let me know whether you're using ISA 2000 or ISA 2004 ... (SBS SP0 or SBS SP1). ... the ISA server will not be used as a proxy server. ... Since SBS already used port 80, ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Web Workplace not completely working.
    ... In order to allow a remote desktop connection to a client computer through ... TS requests through a firewall on TCP port 4125, ... To open the port 4125 on ISA, we can re-run CEICW to confirm it. ... server certificate) and then click Next. ...
    (microsoft.public.windows.server.sbs)
  • RE: How to add a Citrix Server
    ... ISA about the second address (how do I attach a second IP address to the NIC ... the ISA server to handle the incoming traffic that needs to go to the Citrix ... How would I forward the traffic coming in on the new port to port ... that the newsgroups are staffed weekdays by Microsoft Support professionals ...
    (microsoft.public.windows.server.sbs)
  • RE: ISA access rules, help
    ... please let me know whether you're using ISA 2000 or ISA 2004 ... >(SBS SP0 or SBS SP1). ... the ISA server will not be used as a proxy server. ... Since SBS already used port 80, ...
    (microsoft.public.windows.server.sbs)
  • Re: UDP port mapping doesnt work
    ... OK assuming I already have an anonymous rules which allows many software ... ISA, can we assume the MIP device should be able to go out? ... >> Ok then opening port means actually a mapping port so data from external ... You see I have a Unix server which a SSH running to allow ...
    (microsoft.public.isa)