Re: Remote Connection Issue
- From: "Bill Swan" <bill@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 21 Oct 2005 11:11:14 +0100
Hi Barry... sorry should of asked previously ( forgot in 2003 SBS)... any
reason why RWW is not being used ?
Thanks Jenny... missed the different port being used...lol
""Jenny wu [MSFT]"" <v-yanniw@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:8VSXm3h1FHA.1468@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Barry,
>
> I wanted to inform you that I have replied to your thread in:
>
> Newsgroup: microsoft.public.windows.server.sbs
> Titled: Remote Connection Issue
>
> Please reply directly to the thread if you have any other question or
> concern. You may receive this email notification before you are able to
> view my reply in the newsgroup. I also copy the content as following for
> your convenience:
>
> ******************
> Hi Barry,
>
> Thanks for posting here!
>
> For your description, I understand that you want to allow a LAN client
> computer accessed remotely, and you have configured server publishing rule
> to publish it, but failed. If I am off base, please don't hesitate to let
> me know.
>
> How internet computer access to the internal client computer? Can I assume
> you are using terminal services?
>
> By default Terminal Server and Windows 2000 Terminal Services uses TCP
> port
> 3389 for client connections. Microsoft does not recommend that this value
> be changed. However, if it is necessary to change this port, you need
> follow these instructions.
>
> WARNING: If you use Registry Editor incorrectly, you may cause serious
> problems that may require you to reinstall your operating system.
> Microsoft
> cannot guarantee that you can solve problems that result from using
> Registry Editor incorrectly. Use Registry Editor at your own risk.
>
> I. To change the default port for all new connections created on the
> Terminal Server (the specific LAN client computer):
>
> 1. Run Regedt32 and go to this key:
> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal
> Server\WinStations\RDP-Tcp
>
> 2. Find the "PortNumber" subkey and notice the value of 00000D3D, hex for
> (3389). Modify the port number in Hex and save the new value.
>
> II. Publish the terminal services on 3390 port to internet (you have
> done):
>
> 1) Created an IP Packet Filter.
> 2) Created a Protocol Definition.
> 3) Created a Server Publishing Rule to the IP address of the LAN
> Workstation.
>
> III. To Alter the Port on the Client Side and open 3390 port in client
> firewall.
>
> To alter the port on:
> 1. Open Client Connection Manager.
>
> 2. On the File menu, click New Connection, and then create the new
> connection. After running the wizard, you should have a new connection
> listed there.
>
> 3. Making sure that the new connection is highlighted, on the File menu,
> click Export. Save it as name.cns.
>
> 4. Edit the .cns file using Notepad changing "Server Port=3389" to "Server
> Port=xxxx" where xxxx is the new port that you specified on Terminal
> Server.
>
> 5. Now import the file back into Client Connection Manager. You may be
> prompted to overwrite the current one, if it has the same name. Go ahead
> and overwrite it. You now have a client that has the correct port settings
> to match your change Terminal Server settings.
>
> NOTE: The Terminal Server ActiveX client listens on TCP port 3389 and this
> cannot be changed. The Remote Desktop Protocol (RDP) client that is
> available in Microsoft Windows XP and Windows .NET (version 5.1 and later)
> has this ability.
>
> NOTE: You must restart the Terminal Server before the new listening port
> becomes active, or recreate the RDP listener via Terminal Services
> configuration.
>
> Open the port in firewall (you have done):
>
> 1) Allowed Remote Access
> 2) Allowed port 3390 through the Windows Firewall
>
> Try to test again to see if the issue be fixed.
>
> If the issue persists, please kindly help me collect some information to
> isolate the issue:
> 1. What are the accurate services you use to access the internal computer?
> 2. What is the accurate error message when you try to access the internal
> computer? Could you kindly help me catch a screen shot of the error
> message?
> To make a screen shot:
>
> A. Press Alt + Pr Scrn to capture a screen shot.
> B. From Start, go to Run, enter pbrush in the Open box, and then click OK.
> C. Use Ctrl + V to paste the screen shot to the canvas.
> D. From the File menu, go to Save and save as a JPG file.
>
> 3. Please use the ISAinfo utility to collect the ISA configuration
> information for further analyze:
>
> a. Download the file from the following URL:
> http://www.isatools.org/isainfo/ISAInfo.zip
> b. Extract all files to a folder on ISA server
> c. Double click Isainfo.js. This will generate 2 files
> ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in the
> current folder.
> d. Please send these files to me at feijj@xxxxxxxxxxxxx
>
> 3. Gather the ISA Web Proxy and Firewall service logs when reproducing the
> problem:
>
> Enable the full Web Proxy/firewall logging option:
> a. Open ISA 2004 management console.
> b. Expand the server node and highlight ''Monitoring''.
> c. In the right pane, switch to the ''Logging'' tab, make sure the ''Task
> Pane'' is showed there.
> d. In the ''Task Pane'', click ''Configure Web Proxy Logging'' under
> ''Logging Tasks'', and then switch the ''log storage format'' from ''MSDE
> database'' (default) to ''File''.
> e. Switch to the ''Fields'' tab, and then click ''Select All''.
> f. Click OK, and then click ''Apply'' to save changes and update the
> configuration.
> g. Click ''Configure Firewall Logging''. Do step d~f to enable the full
> logging options for firewall logging.
>
> Prepare to take the trace:
> a. Temporarily stop the Firewall service to clear the current existing W3C
> logs: Monitoring->Services tab, and then right click ''Microsoft
> Firewall''
> to choose ''Stop''.
> b. Go to the log saving directory and clean any existing .W3C logs. By
> default, the logs will be saved to ''C:\Program Files\Microsoft ISA
> Server\ISALogs''. (Some MDF may not be able to deleted, that''s normal.)
> c. Go back to the ISA 2004 management console, and then Start the stopped
> ''Microsoft Firewall'' service.
>
> Reproduce the problem:
> a. Go to the external client computer. Try to access the RWW web site.
> b. Go back to the ISA server. Stop the ''Microsoft Firewall'' service.
> Open
> Windows Explorer, navigate to the ISA log file folder. Collect the recent
> w3c files. Save them to a zip package as ''isalogs.zip''. Start the
> ''Microsoft Firewall'' Service.
>
> Please add all file to a zip file and send the zip packages to me at
> v-yanniw@xxxxxxxxxxxxxx If the file is too big, you can split to several
> parts and mail me. I appreciate your time and efforts to perform test and
> collect information.
>
> I am happy to be assistance of you and looking forward to your reply!
>
> ******************
>
> If you are unable to view the reply to your thread, please send me an
> with a description of the problem and what newsreader you are using.
>
> Have a nice day.
>
> Sincerely,
>
> Jenny Wu
> Microsoft Online Partner Support
> MCSE 2000/2003
>
> Get Secure! - www.microsoft.com/security
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> More Information
> ===========
> Please be informed that we have released The Microsoft? Baseline Security
> Analyzer (MBSA) 1.2 to the public; the download link is
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
> tools/mbsahome.asp.
>
> The Microsoft? Baseline Security Analyzer (MBSA) is a tool that allows
> users to scan one or more Windows?-based computers for common security
> misconfigurations.
>
> Microsoft has published information, that details the tool and instructs
> customers how to use the tool:
>
> - Microsoft? Baseline Security Analyzer (MBSA) Home Page
>
> - Microsoft Baseline Security Analyzer (MBSA) Version 1.2 Is Available
> (320454)
>
> - Microsoft Baseline Security Analyzer (MBSA) Version 1.2 Q&A
>
> MBSA 1.2 now includes new support for the following Products:
>
> - Exchange Server 2003
>
> - Microsoft Office (Note: MBSA can only be used for to perform a local
> scans for Microsoft Office. Please see the above referenced documents for
> more information).
>
> - Microsoft Data Access Components (MDAC) 2.5, 2.6, 2.7, and 2.8
>
> - Microsoft Java Virtual Machine
>
> - MSXML 2.5, 2.6, 3.0, and 4.0
>
> - BizTalk Server 2000, 2002, and 2004
>
> - Commerce Server 2000 and 2002
>
> - Content Management Server (CMS) 2001 and 2002
>
> - SNA Server 4.0, Host Integration Server (HIS) 2000 and 2004
>
> If you have any questions regarding the tool or its implementation after
> reading the above resources, you should contact Product Support Services
> in
> the United States at 1-866-PCSafety (1-866-727-2338). International
> customers should contact their local subsidiary.
>
.
- References:
- Re: Remote Connection Issue
- From: Barry McConomy
- Re: Remote Connection Issue
- Prev by Date: RE: Remote Exchange Server Access broken
- Next by Date: RE: CEICW Errors
- Previous by thread: Re: Remote Connection Issue
- Next by thread: Re: Remote Connection Issue
- Index(es):
Relevant Pages
|
