• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Can't Remote Desktop to server anymore

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> Can't Remote Desktop to server anymore Page: [1]
Login
Message << Older Topic   Newer Topic >>
Can't Remote Desktop to server anymore - 26.Sep.2006 11:22:48 PM   
cory_jackson

 

Posts: 7
Joined: 23.Sep.2006
Status: offline
Problem: I can not make a RD connection to the server from the LAN or
WAN side.

Enviro: I have SBS 2003 Premium with ISA 2004 on a simple network. The
only extra thing is a Windows 2003 Standard server running as a
Terminal Server.

Various facts:
1.      RD worked on the SBS in the beginning. I installed ISA later and
later RD stopped working. I don't know if it happened at the same
time. Intermittently but rarely RD has worked. However it hasn't
worked for some time now.
2.      RWW is working perfectly. When I log in as admin from inside or
outside I see both the terminal server and the small business server in
the list but when I try to connect to the SBS it fails. TS works
perfectly.
3.      I tried making a RD connection directly (without RWW) and internally
to the SBS using 3389 and it fails to make a connection. A similar
attempt to the TS works fine.
4.      I tried Telnet to 3389 and I get "connection failed". However if
I Telnet to the working TS I get the same thing so I don't know if
this proves anything. I just saw many posts mentioning this as a test
and thought I would try it.
5.      RD is enabled in the System Properties. I tried to disable and
re-enable.
6.      I tried rerunning the Internet connection wizard again to no avail.
7.      Tried using IP addresses to avoid name resolution issues.
8.      Tried using port 4125 to no avail. (desperation)

Thought:
1.      I don't think it's a RWW issue. I can't get any info on how
RWW handles connections for the outside world but it seems regardless
of any problems there I should be able to connect if I make direct RD
connection.
2.      It seems the problem is somehow in ISA.

Questions:
1.      How do I fix it? <g>
2.      Am I safe to assume that I should be able to directly connect to the
LAN side to the SBS on 3389 regardless of RWW settings and such?
3.      How does RWW handle RD requests?
4.      If I don't have Windows Firewall due to the installation does ISA
somehow do the same thing?

Thanks in advance!
Post #: 1
RE: Can't Remote Desktop to server anymore - 2.Oct.2006 7:28:30 PM   
ababinchak

 

Posts: 195
Joined: 16.Aug.2005
From: Michigan
Status: offline
Not knowing what custom rules you have setup on your ISA server makes offering a solution difficult.

You should have a look at the ISA logs to find out what is being denied and why. Using the Live Logging feature. Once you have this information, if you need more help, post the denied packets along with an ipconfig /all and we might be able to offer a couple more pointers.

_____________________________

Amy

Need more help? http://isainsbs.blogspot.com

(in reply to cory_jackson)
Post #: 2
RE: Can't Remote Desktop to server anymore - 7.Oct.2006 7:54:43 PM   
cory_jackson

 

Posts: 7
Joined: 23.Sep.2006
Status: offline
I've been distracted with other projects but Iím back on this one now.

This thing will not allow me to attach files (says I don't have permission) I'll just toss them into the message body. Hope you can figure it out. The log file copy looks like a mess. Typically it does three of these attempts in rapid succession and quits.

Really Iím suffering from a basic understanding on how this thing functionally works. I have no idea what part does what and all I see are terms that are only vaguely recognizable. I picked up a book at the store and was dumbfounded. Ten million things in there and infinitely thick. As with many things like this I need a slimmed down guide whose scope is limited to a simple SBS installation with best and simple practices and not an encyclopedia of everything it can possibly do. If anyone has any suggestions Iíd be very interested in some suggested reading.




Windows IP Configuration
  Host Name . . . . . . . . . . . . : server
  Primary Dns Suffix  . . . . . . . : ipsd.local
  Node Type . . . . . . . . . . . . : Unknown
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : Yes
  DNS Suffix Search List. . . . . . : ipsd.local
Ethernet adapter Network Connection:
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
  Physical Address. . . . . . . . . : 00-14-5E-2A-73-61
  DHCP Enabled. . . . . . . . . . . : No
  IP Address. . . . . . . . . . . . : 216.70.33.151
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . : 216.70.151.1
  DNS Servers . . . . . . . . . . . : 192.168.1.1
  Primary WINS Server . . . . . . . : 192.168.1.1
  NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Server Local Area Connection:
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
  Physical Address. . . . . . . . . : 00-14-5E-2A-73-60
  DHCP Enabled. . . . . . . . . . . : No
  IP Address. . . . . . . . . . . . : 192.168.1.1
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . :
  DNS Servers . . . . . . . . . . . : 192.168.1.1
  Primary WINS Server . . . . . . . : 192.168.1.1




Original Client IP Client Agent Authenticated Client Service Server Name Referring Server Destination Host Name Transport MIME Type Object Source Source Proxy Destination Proxy Bidirectional Client Host Name Filter Information Network Interface Raw IP Header Raw Payload Source Port Processing Time Bytes Sent Bytes Received Result Code HTTP Status Code Cache Information Error Information Log Record Type Log Time Destination IP Destination Port Protocol Action Rule Client IP Client Username Source Network Destination Network HTTP Method URL
192.168.1.24    SERVER -  TCP -      -    3143 0 0 0 0x0   0x0 0x0 Firewall 10/7/2006 4:26:10 PM 192.168.1.1 3389 RDP (Terminal Services) Initiated Connection SBS Protected Networks Access Rule 192.168.1.24  Internal Local Host - -
192.168.1.24    SERVER -  TCP -      -    3143 0 48 40 0x80074e21   0x0 0x0 Firewall 10/7/2006 4:26:10 PM 192.168.1.1 3389 RDP (Terminal Services) Closed Connection SBS Protected Networks Access Rule 192.168.1.24  Internal Local Host - -



(in reply to cory_jackson)
Post #: 3
RE: Can't Remote Desktop to server anymore - 7.Oct.2006 9:13:42 PM   
cory_jackson

 

Posts: 7
Joined: 23.Sep.2006
Status: offline
I figured it out! The problem was that the TS was configured to bind on all adapters when it should have been configured to bind to the internal NIC only. I found this great discussion below as a link from another discussion and even though Iím not sure I understand it all I tried the guyís suggestion and it worked! I didnít even have to reboot or restart the service. I wonder if SP1 might not have undone a SBS ISA special configuration.

http://www.mcse.ms/archive99-2006-2-2156417.html

(in reply to cory_jackson)
Post #: 4
RE: Can't Remote Desktop to server anymore - 20.Oct.2006 1:20:20 PM   
ababinchak

 

Posts: 195
Joined: 16.Aug.2005
From: Michigan
Status: offline
Cory,

I've not seen others with this problem. Might have been something quirky with your installation. Glad that you were able to resolve it.

_____________________________

Amy

Need more help? http://isainsbs.blogspot.com

(in reply to cory_jackson)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> Can't Remote Desktop to server anymore Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts