Re: Remote Connection Issue
- From: "Barry McConomy" <smile@xxxxxxxxxx>
- Date: Sat, 22 Oct 2005 08:46:45 -0400
Hi Jenny
Changing to registry on the LAN workstation did the trick.
Many thanks for your help.
Also thanks for the information regarding RWW, I intend implementing this in
the near future.
Regards
Barry
""Jenny wu [MSFT]"" <v-yanniw@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:cJgo8rk1FHA.748@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Barry,
>
> Thanks for your update!
>
> If you want to connect to connect to the SBS server box and the LAN client
> computer simultaneously, you can use the RWW (Remote Web Workspace) site
> to
> reach your goal in SBS environment. Besides, you can setup VPN to the SBS
> domain, and then work as domain computer and access any domain computers
> if
> you have permissions.
>
> The SBS RWW is a dynamically created web site that provides a single,
> simple, and consolidated entry point for remote users to access SBS
> features. It empowers external SBS users by providing one place from which
> all relevant features of SBS, such as Outlook Web Access, Windows
> SharePoint Services, and the remote user desktop, can be accessed from
> outside the network firewall. To access RWW, one can access
> http://fully_qualified_domain_name/remote remotely, or
> http://servername/remote locally. Connecting through RWW allows users to
> connect to the server resources without additional configuration such as
> VPN or RAS. It also allows VAPs to connect directly to the internal
> workstations for troubleshooting purposes. If SSL is deployed along with
> RWW, you ensure the communication is secured, and all data is encrypted
> and
> protected over the web.
>
> The following sections discuss the components of RWW:
>
> RWW Files
> IIS Virtual Directory
> Registry Keys
> Active Directory Configuration
> Default Web Site
> ISAPI Filter
> TS Proxy
> Remote User E-mail
>
> You can run CEICW to publish RWW to internet and the wizard will configure
> all related settings in ISA, IIS and firewall automatically.
>
> I. Please try to run CEICW to make sure enable firewall and publish VPN,
> Terminal services, RWW to internet. You can refer to the following steps:
>
> 1. Expand Standard Management | To Do List.
> 2. Click Connect to the Internet in the right pane.
> 3. Navigate the wizard to Firewall and then select Enable firewall. In the
> next page, make sure the E-mail, VPN, Terminal services item is checked in
> services configuration page.
> 4. Click Next and then select Allow access to the following web site
> services from the internet.
> 5. Make sure RWW be selected and click Next.
> 6. Click Create a new Web services certificate (input your FQDN as the web
> server certificate) and then click Next.
> 7. Following the wizard to finish it.
>
> I suggest you refer to KB 825763 to configure the network connection:
>
> 825763 How to configure Internet access in Windows Small Business Server
> 2003
> http://support.microsoft.com/?id=825763
>
> If you have installed router or hardware firewall outside the SBS 2003
> network, please double check to make sure the TCP port 4125, 1723,
> 3389,443,444 are opened on your router or hardware firewall.
>
> Generally, we open the ports we needed to allow some specific traffic. You
> can refer to the following list:
>
> TCP port Definition
> 25 Email (SMTP)
> 80 required for HTTP
> requests for your site
> 443 required for HTTPS
> requests using SSL, which secures communications from your server and a
> Web
> browser
> 444 Companyweb
> 4125 Remote Web Workplace
> 1723 (plus GRE Protocol 47) VPN
> 3389 Terminal Services
> 21 FTP
>
> After did that, on the internet computer, type URL:http://FQDN/remote or
> URL:http://public IP/remote in IE to access the RWW site and you can
> connect to server box and client computer simultaneously.
>
> Information about setup VPN:
>
> 308208 HOW TO: Install and Configure a Virtual Private Network Server in
> http://support.microsoft.com/?id=308208
>
> HOW TO: Configure a Connection to a Virtual Private Network (VPN) in
> Windows XP
> http://support.microsoft.com/?id=314076
>
> 320697 HOW TO: Turn On and Configure Inbound VPN Access in Small Business
> http://support.microsoft.com/?id=320697
>
> Hope above information helps! If you have any concern on the issue please
> let me know. I am happy to be assistance of you!
>
> Have a nice weekend!
>
> Best Regards,
>
> Jenny Wu
> Microsoft CSS Online Newsgroup Support
> Get Secure! - www.microsoft.com/security
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check
> the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In
> doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> --------------------
>>From: "Barry McConomy" <smile@xxxxxxxxxx>
>>Newsgroups: microsoft.public.windows.server.sbs
>>Subject: Re: Remote Connection Issue
>>Date: Fri, 21 Oct 2005 08:25:48 -0400
>>Organization: Posted via Supernews, http://www.supernews.com
>>Message-ID: <11lhn4lg8h4vbe4@xxxxxxxxxxxxxxxxxx>
>>References: <11lg2qg16cdu6c8@xxxxxxxxxxxxxxxxxx>
> <ev$GFdc1FHA.2212@xxxxxxxxxxxxxxxxxxxx>
> <11lggl56c6naj51@xxxxxxxxxxxxxxxxxx>
> <rI6Ywzh1FHA.1468@xxxxxxxxxxxxxxxxxxxxx>
>>X-Priority: 3
>>X-MSMail-Priority: Normal
>>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
>>X-RFC2646: Format=Flowed; Original
>>X-Complaints-To: abuse@xxxxxxxxxxxxx
>>Lines: 279
>>Path:
> TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
> ne.de!newshub.sdsu.edu!newsfeed.news2me.com!newsfeed2.easynews.com!newsfeed1
> .easynews.com!easynews.com!easynews!sn-xit-03!sn-xit-08!sn-post-01!supernews
> .com!corp.supernews.com!not-for-mail
>>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:163354
>>X-Tomcat-NG: microsoft.public.windows.server.sbs
>>
>>Hi Jenny
>>
>>The reason I am using 2 port numbers the default 3389 and 3390 is that I
>>want the connect from remote clients simultaneously to the SBS server
>>through port number 3389 and a workstation on the LAN through port number
>>3390.
>>
>>I am of the understanding this is the only way to connect to different
>>Server/Workstations on the same LAN at the same time.
>>
>>Please advise if there is another way that does not need different port
>>numbers.
>>
>>Regards
>>Barry
>>
>>
>>""Jenny wu [MSFT]"" <v-yanniw@xxxxxxxxxxxxxxxxxxxx> wrote in message
>>news:rI6Ywzh1FHA.1468@xxxxxxxxxxxxxxxxxxxxxxxx
>>> Hi Barry,
>>>
>>> Thanks for posting here!
>>>
>>> For your description, I understand that you want to allow a LAN client
>>> computer accessed remotely, and you have configured server publishing
> rule
>>> to publish it, but failed. If I am off base, please don't hesitate to
>>> let
>>> me know.
>>>
>>> How internet computer access to the internal client computer? Can I
> assume
>>> you are using terminal services?
>>>
>>> By default Terminal Server and Windows 2000 Terminal Services uses TCP
>>> port
>>> 3389 for client connections. Microsoft does not recommend that this
>>> value
>>> be changed. However, if it is necessary to change this port, you need
>>> follow these instructions.
>>>
>>> WARNING: If you use Registry Editor incorrectly, you may cause serious
>>> problems that may require you to reinstall your operating system.
>>> Microsoft
>>> cannot guarantee that you can solve problems that result from using
>>> Registry Editor incorrectly. Use Registry Editor at your own risk.
>>>
>>> I. To change the default port for all new connections created on the
>>> Terminal Server (the specific LAN client computer):
>>>
>>> 1. Run Regedt32 and go to this key:
>>> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal
>>> Server\WinStations\RDP-Tcp
>>>
>>> 2. Find the "PortNumber" subkey and notice the value of 00000D3D, hex
>>> for
>>> (3389). Modify the port number in Hex and save the new value.
>>>
>>> II. Publish the terminal services on 3390 port to internet (you have
>>> done):
>>>
>>> 1) Created an IP Packet Filter.
>>> 2) Created a Protocol Definition.
>>> 3) Created a Server Publishing Rule to the IP address of the LAN
>>> Workstation.
>>>
>>> III. To Alter the Port on the Client Side and open 3390 port in client
>>> firewall.
>>>
>>> To alter the port on:
>>> 1. Open Client Connection Manager.
>>>
>>> 2. On the File menu, click New Connection, and then create the new
>>> connection. After running the wizard, you should have a new connection
>>> listed there.
>>>
>>> 3. Making sure that the new connection is highlighted, on the File menu,
>>> click Export. Save it as name.cns.
>>>
>>> 4. Edit the .cns file using Notepad changing "Server Port=3389" to
> "Server
>>> Port=xxxx" where xxxx is the new port that you specified on Terminal
>>> Server.
>>>
>>> 5. Now import the file back into Client Connection Manager. You may be
>>> prompted to overwrite the current one, if it has the same name. Go ahead
>>> and overwrite it. You now have a client that has the correct port
> settings
>>> to match your change Terminal Server settings.
>>>
>>> NOTE: The Terminal Server ActiveX client listens on TCP port 3389 and
> this
>>> cannot be changed. The Remote Desktop Protocol (RDP) client that is
>>> available in Microsoft Windows XP and Windows .NET (version 5.1 and
> later)
>>> has this ability.
>>>
>>> NOTE: You must restart the Terminal Server before the new listening port
>>> becomes active, or recreate the RDP listener via Terminal Services
>>> configuration.
>>>
>>> Open the port in firewall (you have done):
>>>
>>> 1) Allowed Remote Access
>>> 2) Allowed port 3390 through the Windows Firewall
>>>
>>> Try to test again to see if the issue be fixed.
>>>
>>> If the issue persists, please kindly help me collect some information to
>>> isolate the issue:
>>> 1. What are the accurate services you use to access the internal
> computer?
>>> 2. What is the accurate error message when you try to access the
>>> internal
>>> computer? Could you kindly help me catch a screen shot of the error
>>> message?
>>> To make a screen shot:
>>>
>>> A. Press Alt + Pr Scrn to capture a screen shot.
>>> B. From Start, go to Run, enter pbrush in the Open box, and then click
> OK.
>>> C. Use Ctrl + V to paste the screen shot to the canvas.
>>> D. From the File menu, go to Save and save as a JPG file.
>>>
>>> 3. Please use the ISAinfo utility to collect the ISA configuration
>>> information for further analyze:
>>>
>>> a. Download the file from the following URL:
>>> http://www.isatools.org/isainfo/ISAInfo.zip
>>> b. Extract all files to a folder on ISA server
>>> c. Double click Isainfo.js. This will generate 2 files
>>> ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in
> the
>>> current folder.
>>> d. Please send these files to me at feijj@xxxxxxxxxxxxx
>>>
>>> 3. Gather the ISA Web Proxy and Firewall service logs when reproducing
> the
>>> problem:
>>>
>>> Enable the full Web Proxy/firewall logging option:
>>> a. Open ISA 2004 management console.
>>> b. Expand the server node and highlight ''Monitoring''.
>>> c. In the right pane, switch to the ''Logging'' tab, make sure the
>>> ''Task
>>> Pane'' is showed there.
>>> d. In the ''Task Pane'', click ''Configure Web Proxy Logging'' under
>>> ''Logging Tasks'', and then switch the ''log storage format'' from
>>> ''MSDE
>>> database'' (default) to ''File''.
>>> e. Switch to the ''Fields'' tab, and then click ''Select All''.
>>> f. Click OK, and then click ''Apply'' to save changes and update the
>>> configuration.
>>> g. Click ''Configure Firewall Logging''. Do step d~f to enable the full
>>> logging options for firewall logging.
>>>
>>> Prepare to take the trace:
>>> a. Temporarily stop the Firewall service to clear the current existing
> W3C
>>> logs: Monitoring->Services tab, and then right click ''Microsoft
>>> Firewall''
>>> to choose ''Stop''.
>>> b. Go to the log saving directory and clean any existing .W3C logs. By
>>> default, the logs will be saved to ''C:\Program Files\Microsoft ISA
>>> Server\ISALogs''. (Some MDF may not be able to deleted, that''s normal.)
>>> c. Go back to the ISA 2004 management console, and then Start the
>>> stopped
>>> ''Microsoft Firewall'' service.
>>>
>>> Reproduce the problem:
>>> a. Go to the external client computer. Try to access the RWW web site.
>>> b. Go back to the ISA server. Stop the ''Microsoft Firewall'' service.
>>> Open
>>> Windows Explorer, navigate to the ISA log file folder. Collect the
>>> recent
>>> w3c files. Save them to a zip package as ''isalogs.zip''. Start the
>>> ''Microsoft Firewall'' Service.
>>>
>>> Please add all file to a zip file and send the zip packages to me at
>>> v-yanniw@xxxxxxxxxxxxxx If the file is too big, you can split to several
>>> parts and mail me. I appreciate your time and efforts to perform test
>>> and
>>> collect information.
>>>
>>> I am happy to be assistance of you and looking forward to your reply!
>>>
>>> Have a nice day!
>>>
>>> Best Regards,
>>>
>>> Jenny Wu
>>> Microsoft CSS Online Newsgroup Support
>>> Get Secure! - www.microsoft.com/security
>>> ======================================================
>>> This newsgroup only focuses on SBS technical issues. If you have issues
>>> regarding other Microsoft products, you'd better post in the
> corresponding
>>> newsgroups so that they can be resolved in an efficient and timely
> manner.
>>> You can locate the newsgroup here:
>>> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>>>
>>> When opening a new thread via the web interface, we recommend you check
>>> the
>>> "Notify me of replies" box to receive e-mail notifications when there
>>> are
>>> any updates in your thread. When responding to posts via your
>>> newsreader,
>>> please "Reply to Group" so that others may learn and benefit from your
>>> issue.
>>>
>>> Microsoft engineers can only focus on one issue per thread. Although we
>>> provide other information for your reference, we recommend you post
>>> different incidents in different threads to keep the thread clean. In
>>> doing
>>> so, it will ensure your issues are resolved in a timely manner.
>>>
>>> For urgent issues, you may want to contact Microsoft CSS directly.
>>> Please
>>> check http://support.microsoft.com for regional support phone numbers.
>>>
>>> Any input or comments in this thread are highly appreciated.
>>> ======================================================
>>> This posting is provided "AS IS" with no warranties, and confers no
>>> rights.
>>>
>>> --------------------
>>>>From: "Barry McConomy" <smile@xxxxxxxxxx>
>>>>Newsgroups: microsoft.public.windows.server.sbs
>>>>Subject: Re: Remote Connection Issue
>>>>Date: Thu, 20 Oct 2005 21:28:47 -0400
>>>>Organization: Posted via Supernews, http://www.supernews.com
>>>>Message-ID: <11lggl56c6naj51@xxxxxxxxxxxxxxxxxx>
>>>>References: <11lg2qg16cdu6c8@xxxxxxxxxxxxxxxxxx>
>>> <ev$GFdc1FHA.2212@xxxxxxxxxxxxxxxxxxxx>
>>>>X-Priority: 3
>>>>X-MSMail-Priority: Normal
>>>>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
>>>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
>>>>X-RFC2646: Format=Flowed; Response
>>>>X-Complaints-To: abuse@xxxxxxxxxxxxx
>>>>Lines: 51
>>>>Path:
>>>
> TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
>>>
> ne.de!newsfeed.freenet.de!ecngs!feeder2.ecngs.de!news.glorb.com!sn-xit-04!sn
>>>
> -xit-12!sn-xit-09!sn-post-01!supernews.com!corp.supernews.com!not-for-mail
>>>>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:163207
>>>>X-Tomcat-NG: microsoft.public.windows.server.sbs
>>>>
>>>>Hi Bill
>>>>
>>>>Yes, I restarted the server.
>>>>
>>>>Barry
>>>>
>>>>"Bill Swan" <bill@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>>>>news:ev$GFdc1FHA.2212@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Hi Barry...looks good to me... did you restart the ISA service ?
>>>>>
>>>>>
>>>>> "Barry McConomy" <smile@xxxxxxxxxx> wrote in message
>>>>> news:11lg2qg16cdu6c8@xxxxxxxxxxxxxxxxxxxxx
>>>>>> Hi
>>>>>>
>>>>>> System Windows 2000 SBS, with ISA
>>>>>>
>>>>>> I tried to setup a remote client to connect (through port 3390) to a
>>>>>> particular Windows XP Pro workstation within the LAN and failed.
>>>>>>
>>>>>> What I did in ISA
>>>>>>
>>>>>> 1) Created an IP Packet Filter
>>>>>> 2) Created a Protocol Definition
>>>>>> 3) Created a Server Publishing Rule to the IP address of the LAN
>>>>>> Workstation
>>>>>>
>>>>>> What I did with my Router
>>>>>>
>>>>>> 1) Open port 3390 to External NIC IP Address (192.168.2.2)
>>>>>>
>>>>>> What I did on the Workstation
>>>>>>
>>>>>> 1) Allowed Remote Access
>>>>>> 2) Allowed port 3390 through the Windows Firewall
>>>>>>
>>>>>> Can any body see where I went wrong of offer some help/advice.
>>>>>>
>>>>>> PS: I can connect remotely to the SBS and that works fine.
>>>>>>
>>>>>> Regards
>>>>>> Barry
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>>
>
.
- References:
- Re: Remote Connection Issue
- From: Barry McConomy
- Re: Remote Connection Issue
- From: Barry McConomy
- Re: Remote Connection Issue
- Prev by Date: Terminal Services - hardware requirements
- Next by Date: Re: Remote Connection Issue
- Previous by thread: Re: Remote Connection Issue
- Next by thread: Re: MX Records & Sonic Wall TZ 170 Port Forwarding?
- Index(es):
Relevant Pages
|
