Re: User access form remote Site ove managed VPN


Thanks for getting back to me Roman.
I am still pulling my hair out as this should all be so simple if you folow
the basic directions for implementing a terminal server on SBS2003 domain.
Any how the status is the same...
I have confirmed that we are not blocking ports anywhere on the managed VPN
and the routing seems to be OK...

A few more details may assist anyone with identifying my issue.
I can Ping the terminal Server.
I can Ping the Main SBS2003 Server.

Run netstat -a -o on my terminal server and you get the following:
C:\Documents and Settings\administrator.SUK>netstat -a -o

Active Connections

Proto Local Address Foreign Address State PID
TCP SUK-TERMINAL:epmap SUK-TERMINAL.SUK.local:0 LISTENING 932
TCP SUK-TERMINAL:microsoft-ds SUK-TERMINAL.SUK.local:0 LISTENING
4
TCP SUK-TERMINAL:1025 SUK-TERMINAL.SUK.local:0 LISTENING 656
TCP SUK-TERMINAL:ms-wbt-server SUK-TERMINAL.SUK.local:0 LISTENING
4
36
TCP SUK-TERMINAL:6129 SUK-TERMINAL.SUK.local:0 LISTENING 1116
TCP SUK-TERMINAL:1115 SUK-TERMINAL.SUK.local:6139 ESTABLISHED
174
4
TCP SUK-TERMINAL:6139 SUK-TERMINAL.SUK.local:0 LISTENING 1116
TCP SUK-TERMINAL:6139 SUK-TERMINAL.SUK.local:1115 ESTABLISHED
111
6
TCP SUK-TERMINAL:netbios-ssn SUK-TERMINAL.SUK.local:0 LISTENING 4
TCP SUK-TERMINAL:2960 suksbserver.suk.local:netbios-ssn ESTABLISHED
4
TCP SUK-TERMINAL:6129 suk-ct-lapopera.suk.local:1611 ESTABLISHED
1116
UDP SUK-TERMINAL:microsoft-ds *:* 4
UDP SUK-TERMINAL:isakmp *:* 656
UDP SUK-TERMINAL:1026 *:* 1008
UDP SUK-TERMINAL:1027 *:* 1008
UDP SUK-TERMINAL:ipsec-msft *:* 656
UDP SUK-TERMINAL:ntp *:* 1064
UDP SUK-TERMINAL:1028 *:* 656
UDP SUK-TERMINAL:1042 *:* 436
UDP SUK-TERMINAL:1051 *:* 592
UDP SUK-TERMINAL:2925 *:* 3556
UDP SUK-TERMINAL:ntp *:* 1064
UDP SUK-TERMINAL:netbios-ns *:* 4
UDP SUK-TERMINAL:netbios-dgm *:* 4

C:\Documents and Settings\administrator.SUK>

Notice no Listening RDP Port 3389 ??? What is that all about?

If I try to telnet to the RDP port on the SBServer it is OK but if I try to
telnet to the RDP port ont he terminal Server I get the following error
message:


C:\Documents and Settings\administrator.SUK>Telnet SUK-Terminal:3389
Connecting To SUK-Terminal:3389...Could not open connection to the host, on
port
23: Connect failed

C:\Documents and Settings\administrator.SUK>

Any ideas would be appreciated.
--
Regards Reodd


"Roman Porter [MSFT]" wrote:

Reodd,

This definitely sounds like a network issue, since you can access the main
server at the head office from remote sites but not any other machine on the
network. Can you check how the routes are setup? What is different in the
routing to the main server vs. the other machines on the network? Can you
telnet to the RDP port on the other machines?

Thanks,
Roman

"Reodd" <Reodd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:52E7AAE2-D270-4E25-9C39-C19DD2209F9A@xxxxxxxxxxxxxxxx
Hi Guys
I have deployed MS Terminal Services on an independant server within my
Local SBS2003 Domain at head office.
Access from designated LAN users is great....No Problems.
Access from Home users or over a sbsremote connection VPN tunnel
great......No Problems

Access from my remote offices over the dedicated WAN managed VPN Link with
nothing blocked in any direction...Is not going well.

We can ping the server from anywhere even the remote sites so seeing it is
not the issue.
We can remote desktop only the main server at headoffice from remote
sites.
We cann not access any remote desktop for any machine over the VPN.

I am using ISA 2004 also to control all other traffic but my ISP provides
a
managed VPN link between remote sites and headoffice.

I do not think that the managed VPN is the issue as I would not be able to
access the main server RDP
It is not ISA, again I wouldnt be able to access the main SBS2003 server.

I am pulling my hair out here.....and fast running out of ideas.
Any guidance would be appreciated.

Head Office LAN IP Range - 192.168.16.0/24
Remote Site 01 IP Range - 10.10.2.0/24
Remote Site 02 IP Range - 10.10.3.0/24

Regards

--
Regards Reodd


.

Relevant Pages

  • Re: Event ID 1566 and 1311 KCC errors
    ... I have ran replication monitor from the main dc and it does not report any ... unreacahble for the other remote sites. ... Netdiag on each server does not report any errros. ...
    (microsoft.public.windows.server.active_directory)
  • Re: SMS Traffic Storm
    ... The SMS Executive service was stopped on the Primary SMS ... Server at 4:12 PM on 12/7, but BITS, WWW, and SMS Agent Host were not stopped ... > the time of the storm. ... > and not from any of the remote sites. ...
    (microsoft.public.sms.swdist)
  • Re: Adding Domain Controllers to Remote Sites
    ... remote location and perform the necessary configuration across the network. ... proces is site aware so when you promote a server in a site to be a GC ... Configuring Domain Controllers in remote sites ... domain controller that will be running at each site. ...
    (microsoft.public.windows.server.general)
  • Re: User access form remote Site ove managed VPN
    ... This definitely sounds like a network issue, since you can access the main server at the head office from remote sites but not any other machine on the network. ... managed VPN link between remote sites and headoffice. ...
    (microsoft.public.windows.terminal_services)
  • Re: SMS Traffic Storm
    ... I have looked at every advertisement we have, ... Where can I look on the server to see which advertisement was being ... and not from any of the remote sites. ... > Do you have BITS enabled distribution points? ...
    (microsoft.public.sms.swdist)
Loading