Terminal Server (W2K3) over web
in [Terminal Services]
|
From: M. M�ller on 29 Jan 2010 11:45 On Fri, 29 Jan 2010 05:16:12 -0800, TrustedVolume <TrustedVolume(a)discussions.microsoft.com> wrote: >I tried every location on the Firewall (WAN, LAN and *) but it is still the >same. If it was a very complex network the struggle would've been easier to >digest for me but the W2K3 TS is a standalone server just doing TServices. So >there isn't really much that can go wrong bar Firewall or local TS settings. >This is driving me up the wall :lol: > >I've been over firewall policies/rules 300 times but to be sure to be sure I >am going to go over them once more. The only reason I don't think it is >firewall issue is because the workstations are accessible via the web using >the same rule... hi. so if i understand your network topology correctly: your computers at work sit behind a neat router (some dsl-router or a more sophisticated one?) on which you simply choose to which ip / host to forward port 3389. in case you tell your router to forward to any one of your workstations, remote desktop works fine. in case you forward 3389 to your ts, it does not work. i assume both workstations and ts are in the same subnet and workgroup / domain and that terminal services are up and running, since you can reach your ts from inside the "work"-net. i further assume that your router is not set to filter traffic to your ts to be blocked. so either there is some misconfiguration in your (presumably windows built-in) firewall blocking attempts to connect from anywhere but your "work"-net or your router has some setting applied to not allow traffic to that ip overruling your setting to forward 3389 to your ts's ip. i'd try to disable the firewall on your ts for testing purpose, try to connect via rdp and see if it works. if so, your firewall is blocking the traffic, otherwise you need to check somewhere else (router?).
From: TrustedVolume on 29 Jan 2010 18:41 Hi, Yeah the layout is pretty simple: Web -> Cable Router -> Firewall -> Network (Servers/Workstations) all on the same subnet 192.168.15.0/24 To be perfectly honest with you I see NO reason why this shouldn't work. The TS has only one NIC and has it's Firewall disabled. What you said in the first 3 paragraphs is correct bar the TS which is not part of the domain but a standalone server but that should in theory not be a reason for the server not accepting requests from outside the LAN if the firewall porting is working (and it is by means of workstations being logged on via web). I think I should take a step back and have a long and hard think about what is happening. Maybe I am trying to overcomplicate my troubleshooting angle but I don't think so... Thx "M. Müller" wrote: > On Fri, 29 Jan 2010 05:16:12 -0800, TrustedVolume > <TrustedVolume(a)discussions.microsoft.com> wrote: > > hi. > > so if i understand your network topology correctly: > > your computers at work sit behind a neat router (some dsl-router or a > more sophisticated one?) on which you simply choose to which ip / host > to forward port 3389. in case you tell your router to forward to any > one of your workstations, remote desktop works fine. in case you > forward 3389 to your ts, it does not work. > > i assume both workstations and ts are in the same subnet and workgroup > / domain and that terminal services are up and running, since you can > reach your ts from inside the "work"-net. i further assume that your > router is not set to filter traffic to your ts to be blocked. > > so either there is some misconfiguration in your (presumably windows > built-in) firewall blocking attempts to connect from anywhere but your > "work"-net or your router has some setting applied to not allow > traffic to that ip overruling your setting to forward 3389 to your > ts's ip. > > i'd try to disable the firewall on your ts for testing purpose, try to > connect via rdp and see if it works. if so, your firewall is blocking > the traffic, otherwise you need to check somewhere else (router?). > > . >
From: M. M�ller on 30 Jan 2010 05:32 On Fri, 29 Jan 2010 15:41:02 -0800, TrustedVolume <TrustedVolume(a)discussions.microsoft.com> wrote: >Web -> Cable Router -> Firewall -> Network (Servers/Workstations) all on the >same subnet 192.168.15.0/24 sounds simple, yes. >To be perfectly honest with you I see NO reason why this shouldn't work. The >TS has only one NIC and has it's Firewall disabled. this definitely excludes the firewall as a problem here, i'd say.. ;) only other option i see would be checking the ts's terminal services settings for any problems. if i had my 2k3 cd at hand, i'd try some configuration options, but cd is at work and i am - obviously not.. good luck so far anyway ;)
From: TrustedVolume on 30 Jan 2010 13:06 This seems to have been one of those "self healing problems"... Shortly after I posted the message here yesterday the TS service started to work to the server. I kid you not... and as I type this the thing stopped working again a day later. Dyndns also shows error 337 (network error) in the firewall. Somehow I think this SonicWALL is acting up. I read somewhere that when you make changes it might not update correctly and you have to restart the FireWall a few times to get the running config to take effect properly without conflicts. If either that is true or not I don't know but at this stage the finger is starting to point towards the FW and maybe the old firmware. Think it is time to dump the SonicWall and get something else... Will post my findings and thanks to everyone who replied :) "M. Müller" wrote: > On Fri, 29 Jan 2010 15:41:02 -0800, TrustedVolume > <TrustedVolume(a)discussions.microsoft.com> wrote: > > >Web -> Cable Router -> Firewall -> Network (Servers/Workstations) all on the > >same subnet 192.168.15.0/24 > > sounds simple, yes. > > >To be perfectly honest with you I see NO reason why this shouldn't work. The > >TS has only one NIC and has it's Firewall disabled. > > this definitely excludes the firewall as a problem here, i'd say.. ;) > > only other option i see would be checking the ts's terminal services > settings for any problems. > > if i had my 2k3 cd at hand, i'd try some configuration options, but cd > is at work and i am - obviously not.. good luck so far anyway ;) > . >
From: M. M�ller on 30 Jan 2010 15:42 On Sat, 30 Jan 2010 10:06:01 -0800, TrustedVolume <TrustedVolume(a)discussions.microsoft.com> wrote: >Dyndns also shows error 337 (network error) in the firewall. Somehow I think >this SonicWALL is acting up. I read somewhere that when you make changes it >might not update correctly and you have to restart the FireWall a few times >to get the running config to take effect properly without conflicts. If >either that is true or not I don't know but at this stage the finger is >starting to point towards the FW and maybe the old firmware. Think it is time >to dump the SonicWall and get something else... i think i pointed towards your firewall in my second last posting ;) hope you can fix it, anyway marcel
First
|
Prev
|
Pages: 1 2 Prev: Remote desktop disconnecting after some seconds Next: salvage TS license |