Question

Locked

Cannot Connect Remotely to SBS 2003 or Workstations

By mrsneakyz28 ·
So when using a client computer inside the LAN I can remote into the server as an administrator. What I would like to do from home is either just that, or remote in to one of the workstations at the office. I am fairly new to remote connections but always thought it was pretty straight forward. However when trying to remote in over the internet I have yet to be successful (aside from remote assistance). The server is obviously listening if I was able to connect at the office. What kinds of things would prevent me from connecting over the internet. Incorrect RDP setup from home? Certain protocols on the server? I was fairly diligent in making sure everything would be accessible on the server side...

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

firwall issue

by Curacao_Dejavu In reply to Cannot Connect Remotely t ...

On the firewall do a port forwarding on port 3389 to the server (internal ip address).

when you think you have it right on the firewall you can use www.grc.com , go to the shields up page, and scan port 3389
you will be able then to connect from remote

Leopold

Collapse -

Its open

by mrsneakyz28 In reply to firwall issue

Port 3389 is open. Am I configuring something incorrectly on my end? All of my necessary ports are open, there are sometimes when I try to connect that it says this computer can't connect, or sometimes when I change some settings around it says Security Certificate has expired or been revoked. Should I be putting the IP address of the Server in the RD Gateway settings or just in Computer name?

Collapse -

open from the internet ?

by Curacao_Dejavu In reply to Its open

based on grc's website ?
if it is indeed open you should be able to telnet into it from the internet (you already confirmed that you can do that from the lan side).
"telnet x.x.x.x 3389"

if that is not working then the firewall is redirecting to a wrong device.

just use the ip in the computername.

Collapse -

Computer Name IP

by mrsneakyz28 In reply to open from the internet ?

Yeah I ran a scan on the server all necessary ports are open. I had some trouble telnet into it but I think I connected at one point. Now the computer name ip is something along the lines of 192.168.x.x so how do I use that? Put the real ip in RD Gateway server settings and then put that ip in computer name?? Thanks.

Collapse -

Remote connections

by Nimmo In reply to Cannot Connect Remotely t ...

Although you have the port on the firewall open you must specify in the router which PC the packets will be forwarded to on the internal network.

Collapse -

public ip and port forwarding

by Curacao_Dejavu In reply to Cannot Connect Remotely t ...

I see the problem.

verify that from the lan you can connect to the server with rdp.

access to the router and do a port forwarding on port 3389 to the server.

from the internet you need to connect to the public ip address of your router (not the 192.x.x.x one, you need the ip address at the wan side of the router).
use rdp with the public ip address in the computer tab and you are done.

Collapse -

Remote Web Workplace

by Bapster In reply to Cannot Connect Remotely t ...

Read about Remote Web Workplace in SBS 2003, it is much simpler to use, although you still have to open the necessary ports up (I don't recall these off the top of my head) It is web based and provides you a menu listing call the devices on your lan that you can click on to access remotely.

Collapse -

or use RWW as Bapster said

by Churdoo In reply to Cannot Connect Remotely t ...

Relative to your original question, Curacao was right by recognizing you should be using your public IP address to RDP from outside.

Just to expand on Bapster's post, SBS has Remote Web Workplace (RWW) features built in. Instead of exposing RDP 3389, for SBS2003 forward ports 443 and 4125 to use RWW, assuming you've enabled RWW in the SBS CEICW (Configure Email and Internet Connections Wizard). Then from home you browse to the PUBLIC IP of your site (https://xxx.xxx.xxx.xxx/remote), accept the security certificate warning, and log into the RWW. You'll be able to remote into the server, or into any of your workstations that have Remote enabled, use Outlook Web Access, etc.

If your internet connection at your work site is a Dynamic IP then you'll have to subscribe to a Dynamic DNS service or better yet, convert to a static IP internet plan. It's customary to create an A record in your public DNS zone with your site static IP, something like remote.mycompany.com so that you and your remote users don't have to remember the pub IP.

Somewhat complete list of common SBS 2003 ports used externally:
25 = SMTP, if you're hosting your own email via SMTP
80 = HTTP if you're hosting your own public www site
110 = POP if you're allowing users to POP email from offsite (consider Outlook Anywhere instead)
143 = IMAP if you're allowing users to IMAP email from offsite
443 = HTTPS entry point for OWA, RWW
444 = HTTPS if you're using Sharepoint externally
993 = IMAP SSL
1723 = PPTP, if you're using VPN managed by your SBS
4125 = RWW

--C

Back to Networks Forum
9 total posts (Page 1 of 1)  

Hardware Forums