• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Cannot RDP to ISA 2006 issue

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Cannot RDP to ISA 2006 issue Page: [1]
Login
Message << Older Topic   Newer Topic >>
Cannot RDP to ISA 2006 issue - 21.Jan.2009 4:26:46 PM   
drenaud

 

Posts: 10
Joined: 19.Apr.2005
From: milford
Status: offline
Isa 2006 all current updates as of this posting running on Server 2003 R2 SP2 with all current updates.
Management system is listed with proper IP in the “Remote Management” systems and Terminal services access is enabled in “system Policies”.  The server properties of Server 2003 for enable remote desktop are checked off.
When connecting from the management system to the ISA box via RDP I cannot connect, in the firewall logs it shows me connecting and not denied.  However from the same system I can browse the local system drive via the admin share and ping the ISA server without any issue.  I have this same issue also happening with a second ISA 2006 firewall in a different network.
Any help would be greatly appreciated!
Post #: 1
RE: Cannot RDP to ISA 2006 issue - 21.Jan.2009 4:49:07 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

quote:

The server properties of Server 2003 for enable remote desktop are checked off.


You have to enable the remote desktop option on Windows 2003, otherwise it does not work!


Regards,
Paulo Oliveira.

(in reply to drenaud)
Post #: 2
RE: Cannot RDP to ISA 2006 issue - 21.Jan.2009 5:55:49 PM   
Gaza

 

Posts: 29
Joined: 17.Oct.2006
Status: offline
Hi Drenaud,

As Paulo advises RDP must be enabled on the target computer, if you don't have physical access to it you can do it via regedit if you have appropriate persmissions on the destination computer by following instructions here: http://www.petri.co.il/remotely_enable_remote_desktop_on_windows_server_2003.htm

HTH.

Cheers,
Gareth

(in reply to paulo.oliveira)
Post #: 3
RE: Cannot RDP to ISA 2006 issue - 22.Jan.2009 2:44:18 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

Check my article here : Administrating ISA Server 2006 Remotely Using MMC and Remote Desktop Connection

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to drenaud)
Post #: 4
RE: Cannot RDP to ISA 2006 issue - 22.Jan.2009 9:19:12 AM   
drenaud

 

Posts: 10
Joined: 19.Apr.2005
From: milford
Status: offline
It seems as though my wording has been misunderstood, where I come from “Checked off” means just that, there is a check in the box, hence it is enabled on the host OS and is not the reason why this is not working.  Thank you for your prompt replies!

(in reply to elmajdal)
Post #: 5
RE: Cannot RDP to ISA 2006 issue - 22.Jan.2009 9:32:19 AM   
drenaud

 

Posts: 10
Joined: 19.Apr.2005
From: milford
Status: offline
I checked the registry key for both ISA 2006 servers and fDenyTSConnections is already set to 0.
Went through your steps, which I have done many times on many ISA installs and I haven’t missed a thing.  As I said the system policy is enabled and the ip I am using is part of the Remote Management Group and the system firewall logs show it connecting and not denied, however RDP does not connect.  All the other remote management defaults work but this one.  At this point it looks as though it may be tied into an update because a fresh install works and then after all updates of OS and ISA the RDP no longer works without a single change to anything on the system but the updates.
Any thoughts as to which update may be causing this?

(in reply to drenaud)
Post #: 6
RE: Cannot RDP to ISA 2006 issue - 22.Jan.2009 10:34:05 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

Have you checked my article ??

quote:


On ISA itself, go to the Terminal Services Configuration and make sure that the RDP-TCP connection is only bound to the ISA Internal interface (Properties -> Network Adapter).

To do this, click on Start > Administrative Tools > Terminal Services Configuration, from the left panel click the Connection node > then on the right page, right click the RDP-TCP  then click on properties  > click on the Network Adapters Tab and then from the drop down list , choose the Internal NIC


_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to drenaud)
Post #: 7
RE: Cannot RDP to ISA 2006 issue - 22.Jan.2009 11:14:42 AM   
drenaud

 

Posts: 10
Joined: 19.Apr.2005
From: milford
Status: offline
Yes I have read your article, however there are two issues here with what you have outlined, I need to manage from two different interfaces on the box, and the second is that on a clean install with Server 2003 R2 SP2 & ISA 2006 and no other updates I can manage the server from both of the internal network interfaces via RDP without any configuration beyond the defaults from the base installation. This configuration you mention works, and since these updates does solve the issue of RDP connection to the ISA server, however it keeps me from selecting all adapters and using two internal NIC’s for management via RDP.  This is why I have posed the more precise question as to whether anyone knows which update causes this change in functionality, given yes it makes it more secure but there are those situations you also need it to be more robust too.
Another note, I have not tried but just came to thought, if I make two RDP connections rather than having just one which would allow for both NIC’s in essence to be selected for RDP and not having to use “All network interfaces” within a single defined connection would you see this as a viable solution?  I will try shortly to see if it is in fact viable.  I figured I would pose the question while I am thinking of it.

(in reply to elmajdal)
Post #: 8
RE: Cannot RDP to ISA 2006 issue - 22.Jan.2009 11:26:02 AM   
drenaud

 

Posts: 10
Joined: 19.Apr.2005
From: milford
Status: offline
Creating a second connection under “Connections” within the terminal services configuration MMC did the trick to allow management via RDP from more than one interface.  Thanks for the assistance!
 
I’m still curious as to what update causes this behavior, if you do find out please do let me know.
 
Cheers!

(in reply to drenaud)
Post #: 9
RE: Cannot RDP to ISA 2006 issue - 6.Mar.2009 5:01:44 AM   
frank_hoof

 

Posts: 52
Joined: 27.Mar.2008
Status: offline
I got the same error after installing sp 4 for sql.
But my ISA server is on a remote location, so connecting through the console is not possible.
Is it possible to apply your solution from remote machine?

To be clear, all other management tools work, I can ping, remotely use the console, connect to admin shares, computermanagement and registry editor, but cannot get a rdp session which worked fine before the upgrade and needed reboot.

(in reply to drenaud)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Cannot RDP to ISA 2006 issue Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts