Re: Using Remote Desktop From an SBS Domain

After I thought about needing 3389 forwarded on my router to allow me to
Remote Desktop "out" from a workstation on my SBS network to a host XP
machine on another network I have to ask, do I have 3389 forwarded to the
WAN side of my SBS NIC and then SBS/ISA will do the routing to which ever
workstation I'm using? And am I assuming correctly that 3389 both in and out
needs forwarded for TCP?

Thanks
Jeff


"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in message
news:uO8xjDn8HHA.1900@xxxxxxxxxxxxxxxxxxxxxxx
I assume you go the same login failure (Unknown user name or bad password)
when you tried to RDP while attached directly to a port on your router? I
also assume that you disabled the ISA firewall client during this test if
you were using a domain workstation.

Your ISP should be forwarding ALL traffic to you that is destined for your
IP adddress (no filtering or blocking of ports or traffic). This will
allow your router and/or ISA to direct all incoming traffic. They need to
have port 3389 open on their side (both inbound and outbound).

I don't have an Internet IP Address
http://www.homenethelp.com/sharing/private-ip-address.asp

(in the article, Netmeeting is similar to RDP)

"How limiting is it?
If your ISP has you behind a NAT router, there is no way for someone on
the Internet to initiate an IP conversation with your computer. That means
NO SERVERS. You can not run a game server, ftp server or web server.
Outgoing VPN connections will most likely not work so forget connecting to
your office LAN over the Internet. Advanced teleconferencing programs like
NetMeeting will not work. ICQ will not work correctly as well as MSN
Messenger file send/receive. Lastly, some multi-player games will not even
allow you to join a game on the Internet.

This situation is different than if you ran your own NAT connection
sharing box (like a broadband router) because you have no control over the
ISP NAT router. If it were your own, you could adjust settings in the
router to make most of those applications work properly. "

Looks like you're using Surgardog.com as your ISP. I suspect your
somewhere on the outskirts of Monticello and don't have a lot of ISP
choices in your area. Are there any other non-wireless ISPs available to
you (maybe Verizon DSL)?

--
Merv Porter [SBS-MVP]
============================

"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in message
news:eAoWwFm8HHA.1204@xxxxxxxxxxxxxxxxxxxxxxx
I gave your suggestion a try Merv. I tried both on my SBS domain and then
with the same user account connected directly to my router with no luck.
Hopefully next week I can attempt a connection while my ISP watches the
traffic pass through his network and see what we find. He is a Linux
person so we speak different languages but hopefully we can find some
common ground. He has little experience with Windows services and
Operating Systems so I've tried to educate myself as much as possible with
what a Remote Desktop Connection requires, specifically on the client end.
Is there anything special/specific needed on the client end to make the
connection?

Jeff


"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in message
news:OOIdMwk8HHA.2208@xxxxxxxxxxxxxxxxxxxxxxx
I will give that a try Merv. One point I don't think I've made in this
post is that when using dialup and actually making the connection I'm
simply disconnecting from the SBS LAN, plugging my dialup modem in and
making Remote Desktop Connecting with the same SBS domain user account. I
will be curious to see what happens with a new domain account though and
post back!

Jeff

"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in message
news:udRr9Sj8HHA.1900@xxxxxxxxxxxxxxxxxxxxxxx
Just curious...

+ Create a domain user with the same username as that required for the
RDP to the University computer. Create a domain user password of your
choice.
+ Log onto a LAN workstation with this username
+ Open RDP and enter the (University) static IP address for the
computer name, as well as the (Univeristy) username and (Univeristy)
password for logon credentials

Question: can you RDP to the external computer with this scenario?

--
Merv Porter [SBS-MVP]
============================

"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in message
news:e5q6uMc8HHA.1208@xxxxxxxxxxxxxxxxxxxxxxx
I am in communication with them now. They use NAT and private IP
addresses between me and the Internet and that is as much as I know.


"Claus" <cjobes@xxxxxxxxxxxxx> wrote in message
news:em0wu3b8HHA.3916@xxxxxxxxxxxxxxxxxxxxxxx
No, it wouldn't. There is definitely something on that router or
between the router and the internet. What is between that router and
the internet? Have you talked to your ISP?

--
Claus
"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in message
news:OC%23eevb8HHA.464@xxxxxxxxxxxxxxxxxxxxxxx
There is an NAT router supplied by my ISP. I don't know if it's
anything more than that or not. This is a fixed wireless Internet
connection so even after my router there is a large private network
to travel through before I get to the actual Internet. I do have an
SBS RDP Outbound Access Rule in ISA.

I plugged my laptop into my router location and temporarily plugged
in there and still couldn't RDP so I suspect the ISP's router is
where the problem is. But if it's just NAT would it still be
blocking outbound traffic for Remote Desktop?

Thanks
Jeff


"Claus" <cjobes@xxxxxxxxxxxxx> wrote in message
news:eskDuXb8HHA.1208@xxxxxxxxxxxxxxxxxxxxxxx
ISA in a standard configuration would not prevent you from using
Remote Desktop from within your LAN to a computer on the internet.
I do this all the time. Do you by any chance have a firewall
between your SBS WAN and the Internet?

--
Claus
"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in message
news:eqjnf5a8HHA.2752@xxxxxxxxxxxxxxxxxxxxxxx
I am narrowing down where the problem is with connecting to an XP
Pro computer that is on a remote network now. I was able to use a
dial-up Internet connection, bypassing my SBS/ISA network all
together. So the machine that I'm trying to connect to is
configured to accept Remote Desktop Connections. Now I just have to
figure what is preventing me from connecting while I'm using my XP
Workstation when connected to my SBS network. Would ISA be
preventing outbound RDP connections or do ports have to be open to
allow me to Remote Desktop out from my SBS network?

I've spent most of the day looking for information regarding the
client end of a Remote Desktop connection and have found little
about it. Maybe it's just not normally an issue.

Thanks for any suggestions.

Jeff


"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in message
news:%23GACASX8HHA.4436@xxxxxxxxxxxxxxxxxxxxxxx
I have looked at that article again today and also read through it
yesterday. It goes into detail about how to set the host computer
up (the machine who's desktop I'm wanting to connect to) but
doesn't say much about ports or settings on the client end. I have
no control over the host end but just wanted to be sure I have
things set correctly on the client end to allow this to work.

Thanks
Jeff


"Ritch_DA" <RitchDA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:605F7F3E-475B-446B-B179-DA125DD90ECB@xxxxxxxxxxxxxxxx
From what I remember when you install tsweb on your host PC you
can change
the port number you connect to from 80 (default) to a port of
your choice.
Then obviously create the port forward in your router on your
chosen port to
the appropriate IP (local PC's IP) then connect to it in
internet explorer
using the following syntax: http://ipaddress:port/tsweb/

You still need to open 3389.

Have a careful read through those instructions I linked to, that
article
explains exactly how to setup what you are trying to do.

-----------------------------------------------------------------
"Jeff Teel" wrote:

It would appear that way but I'm not sure just how to change
that. This
machine is on a University network and has a public IP address
assigned to
it. I have tried using the IP address in the Computer: box as
well as the
actual domain/computer name of the machine with the same
results. You
sparked a question in my mind about installing tsweb on the
host pc though.
Am I assuming correctly that connecting using a web browser
through ts still
uses port 3389? Either way (using a web browser or the Remote
Desktop
client) does it require any ports to be open on the client end?

Thanks
Jeff

"Ritch_DA" <RitchDA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:74C2DFCE-73F1-4B09-918F-BF2A43CA36BA@xxxxxxxxxxxxxxxx
Hi Jeff

I read through very quickly but it sounds like you are
connecting to the
wrong machine.

Good solution is to install tsweb on the host machine, change
the port to
something other than 3389 then connect to the machine via
your browser.

Here's all the info you need:
http://www.microsoft.com/windowsxp/using/networking/expert/northrup_03may16.mspx

Hope that helps

"Jeff Teel" wrote:

I have tested it and I get the message "The system could not
log you on.
Make sure your user name and domain are correct, then type
your password
again. Letters in the password must be typed in the correct
case." I am
positive that the username and password are being put in
correctly. There
are a couple of things that make me question settings. One,
when I get
the
message The system could not log you on........ my
workstation appears to
be
trying to logon to my SBS. The desktop picture thats on my
server shows
and
the Windows Server logon screen appears for me to re-enter
the
credentials.
I'm also getting logon failure errors in my security log
from the server.
I
can however see the connection take place in ISA

Logon Failure:
Reason: Unknown user name or bad password
User Name: test
Domain: network
Logon Type: 10
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: SERVER
Caller User Name: SERVER$
Caller Domain: teelnet
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 5296
Transited Services: -
Source Network Address: 10.10.2.4
Source Port: 60818

Some history about my Internet connection. I have a fixed
wireless
Internet
provider. The provider maintains a large wireless LAN that
uses private
IP
addresses.They have access points located on towers around
the area that
a
device from my location looks at. The Source Network
Address: 10.10.2.4
is
the wireless IP address side of my router. In short my
router has two
NIC's,
the 10.10.2.4 (fixed wireles side) and 192.168.0.x side.

Thanks
Jeff


"Claus" <cjobes@xxxxxxxxxxxxx> wrote in message
news:OXrFkqQ8HHA.5012@xxxxxxxxxxxxxxxxxxxxxxx
did you test it? did it work?

--
Claus
"Jeff Teel" <jdteel@RMoveThis sugardog.com> wrote in
message
news:%23NvyCJP8HHA.5984@xxxxxxxxxxxxxxxxxxxxxxx
I am attempting to connect to a Windows XP Pro PC on a
totally
different
network from a workstation on my SBS network. I have SBS
2003 SP1 with
ISA
2004. The PC that I'm trying to connect to does have a
static IP
address
and I'm using that for the Computer Name in the Remote
Desktop
Connection
client. I used "telnet xxx.xxx.xxx.xxx 3389" to see if the
remote
workstation was listening on the correct port and it is.
My question,
are
there any ISA adjustments needed on my network in order
for me to
Remote
Desktop out to another XP Pro machine on a different
network over the
Internet? I'm using the c:\windows\system32\mstsc.exe
application to
make
the connection. The remote host does not have Remote
Desktop Web
Connection installed on it.

Thanks
Jeff































.

Relevant Pages

  • Re: Connection from remote computer to network SQL Server
    ... There is no firewall on the W2K machine acting as the SQL server. ... I tried making the SQL machine a "trusted" on the router. ... connection works. ... To find the IP address of your computer inside the network, ...
    (microsoft.public.access.adp.sqlserver)
  • Re: Unable to obtain a server- assigned IP address Try again later or enter an IP address in Net
    ... I can go to Control Panel - Network and Internet Connections - ... If yours is not a subset of your router, ... I have a LINKSYS router (4 port connection) - I have my cable modem ...
    (microsoft.public.pocketpc)
  • Re: Connection from remote computer to network SQL Server
    ... There is no firewall on the W2K machine acting as the SQL server. ... I tried making the SQL machine a "trusted" on the router. ... connection works. ... To find the IP address of your computer inside the network, ...
    (microsoft.public.access.adp.sqlserver)
  • Re: Loss of Connectivity on Only One PC on a LAN
    ... When you ran the Network Setup Wizard, ... The original setup of the LAN was done entirely by the user of the other PC on that LAN in July. ... I use a LAN connection which consists of two PCs each connected to a Linksys BEFSR 41 Router. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Cant locate my computer via IP address and ping
    ... Is it possible your home PC that is connected via DSL is also behind a firewall/NAT/router? ... On your home PC, the one you want to Remote Desktop into, run the ipconfig command from the ... > dedicated DSL connections. ... I can use remote desktop just fine on my MS Workgroup network... ...
    (microsoft.public.windowsxp.network_web)