Can't connect to pcs remotely

Discussion in 'Windows Small Business Server' started by John, Aug 7, 2004.

  1. John

    John Guest

    Hi

    I have tried connecting to server and client PCs via rww using http//[public
    ip]/remote and it works fine from inside but fails to connect to any of the
    machines from outside even though it allows me into the rww web console.

    What is the problem?

    Thanks

    Regards

    PS: Outlook web access works fine remotely.
     
    John, Aug 7, 2004
    #1
    1. Advertisements

  2. Hi John

    Standard or Premium with ISA? When you ran CEICW did you assign Certificate
    to IP Address or FQDN? Post your IPCONFIG /ALL for Server and one of your
    WS

    Frank McCallister
    COMPUMAC
     
    Frank McCallister, Aug 7, 2004
    #2
    1. Advertisements

  3. John

    John Guest

    Premium with ISA. certificate assigned based on the public IP of the
    external nic given by isp.

    It works fine if I vpn using a dialup then use remote desktop to connect.
    The only problem is to connect to server desktop via rww web console.

    ipconfig below. As I am not there now, I have connected and obtained
    ipconfig remotely.

    Thanks

    Regards


    Windows IP Configuration

    Host Name . . . . . . . . . . . . : myserver

    Primary Dns Suffix . . . . . . . : mydomain.local

    Node Type . . . . . . . . . . . . : Unknown

    IP Routing Enabled. . . . . . . . : Yes

    WINS Proxy Enabled. . . . . . . . : Yes

    DNS Suffix Search List. . . . . . : mydomain.local


    PPP adapter RAS Server (Dial In) Interface:

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface

    Physical Address. . . . . . . . . : 00-53-45-00-00-00

    DHCP Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : 192.168.16.23

    Subnet Mask . . . . . . . . . . . : 255.255.255.255

    Default Gateway . . . . . . . . . :

    NetBIOS over Tcpip. . . . . . . . : Disabled


    Ethernet adapter Network Connection:

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Realtek RTL8029(AS) PCI Ethernet
    Adapter

    Physical Address. . . . . . . . . : 00-C0-DF-E4-9E-5F

    DHCP Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : x.x.x.137 (public ip for server
    external nic given by isp)

    Subnet Mask . . . . . . . . . . . : 255.255.255.248

    Default Gateway . . . . . . . . . : x.x.x.142 (router ip given by isp)

    DNS Servers . . . . . . . . . . . : 192.168.16.2

    Primary WINS Server . . . . . . . : 192.168.16.2

    NetBIOS over Tcpip. . . . . . . . : Disabled


    Ethernet adapter Server Local Area Connection:

    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network
    Connection

    Physical Address. . . . . . . . . : 00-0F-1F-67-37-17

    DHCP Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : 192.168.16.2

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . :

    DNS Servers . . . . . . . . . . . : 192.168.16.2

    Primary WINS Server . . . . . . . : 192.168.16.2


     
    John, Aug 7, 2004
    #3
  4. What is the error you get?
     
    Steve Foster [SBS MVP], Aug 8, 2004
    #4
  5. Chad A. Gross [SBS MVP], Aug 8, 2004
    #5
  6. John

    John Guest

    Nope. I have switched on the UPnP.

    Regards

     
    John, Aug 8, 2004
    #6
  7. That won't be enough on its' own - but if you were to rerun the CEICW,
    it should now reconfigure the router for you.
     
    Steve Foster [SBS MVP], Aug 8, 2004
    #7
  8. John

    John Guest

    I have run the internet connection wizard a few times after that but no
    luck.

    Regards
     
    John, Aug 8, 2004
    #8
  9. Hi John

    When you connect do you get the correct certificate? Have you tried Https: ?

    Frank
     
    Frank McCallister, Aug 8, 2004
    #9
  10. John

    John Guest

    Yes on both counts. It works fine internally. Also externally, I can get
    into rww and outlook web access. I can also do a dialup vpn and then connect
    using remote desktop client.

    Regards

     
    John, Aug 8, 2004
    #10
  11. Hey, John. Here's a simple test:

    From a PC outside of your router, telnet to your public IP on port 4125. If
    you get a connection refused message, you need to open up port 4125 on your
    router. Since it seems that this is not happening via UPnP (which is
    really, really not a good idea anyway), you'll need to configure it
    manually. Port 4125 should forward to your SBS server.

    Thanks.

    Eriq Neale - MCSE 2003, MCSA Messaging, MCP Small and Medium Business
    Microsoft Corporation

    Get Secure! - http://www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via
    your newsreader so that others may learn and benefit
    from your issue.

    For SBS 4.5 issues, post to: microsoft.public.backoffice.smallbiz
    For SBS 2000 issues, post to: microsoft.public.backoffice.smallbiz2000
    For SBS 2003 issues, post to: microsoft.public.windows.server.sbs
    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Eriq Neale [MSFT], Aug 8, 2004
    #11
  12. John

    John Guest

    Tried telnet x.x.x.x:4125 from a win2k machine. x.x.x.x being my isp public
    ip. Get the reply;

    Connecting To x.x.x.x:4125...Could not open a connection to host on port 23
    : Connect failed

    But I get the same message from another sbs2003 which works absolutely fine.

    Regards
     
    John, Aug 8, 2004
    #12
  13. Are your "outside" connections behind another firewall or proxy? Is
    TCP/4125 allowed out from those locations?

    Have you checked the SBS router to make sure that TCP/4125 is allowed
    in, and forwarded to the SBS external nic?
     
    Steve Foster [SBS MVP], Aug 8, 2004
    #13
  14. Hi John

    You wouldn't by any chance be trying to connect from another SBS 2k3 and not
    a WS would you? If so that is a problem.

    Frank
     
    Frank McCallister, Aug 8, 2004
    #14
  15. it's "telnet x.x.x.x 4125" with a space not a colon.
     
    Steve Foster [SBS MVP], Aug 9, 2004
    #15
  16. John

    John Guest

    I get this message;

    C:\>telnet 217.37.100.137 4125
    Connecting To 217.37.100.137...Could not open a connection to host on port
    4125
    : Connect failed

    But I get the same message from another sbs2003 server which works fine in
    terms of desktop connection.

    Regards
     
    John, Aug 9, 2004
    #16
  17. Hello John.

    It still sounds like port 4125 is being blocked at the router. Everything
    else you describe seems like it's in working order, so I still think you
    need to check on the port configuration on the router. Please report back
    what you find.

    Thanks.

    Eriq Neale - MCSE 2003, MCSA Messaging, MCP Small and Medium Business
    Microsoft Corporation

    Get Secure! - http://www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via
    your newsreader so that others may learn and benefit
    from your issue.

    For SBS 4.5 issues, post to: microsoft.public.backoffice.smallbiz
    For SBS 2000 issues, post to: microsoft.public.backoffice.smallbiz2000
    For SBS 2003 issues, post to: microsoft.public.windows.server.sbs
    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Eriq Neale [MSFT], Aug 9, 2004
    #17
  18. Generally, telnet is quite useful as a diagnostic. However, I'm not
    convinced of its' usefulness in this scenario, because SBS only
    actually listens on port 4125 when it needs to (ie you're attempting to
    actually use the RWW). My post was just pointing out that your telnet
    command was wrong (as evinced by the fact it was trying to communicate
    on port 23, the standard telnet port).

    You need to access the router configuration and check that 4125 is
    being forwarded (same place you check that port 443 is put through).
     
    Steve Foster [SBS MVP], Aug 9, 2004
    #18
  19. John

    John Guest

    Hi

    Having checked router settings and running icw several times I decided to
    look at ISA settings myself. The server had a filter 'SBS Remote Web
    Workplace CustomFilter' which remained disabled even though I selected vpn
    in the connection wizard. I manually enabled this filter and now everything
    works fine. Apparently this filter does not get effected by running the
    connection wizard.

    Thanks you very much everyone who have taken the time to help me on this.

    Regards
     
    John, Aug 9, 2004
    #19
  20. John

    John Guest

    Hi

    Having checked router settings and running icw several times I decided to
    look at ISA settings myself. The server had a filter 'SBS Remote Web
    Workplace CustomFilter' which remained disabled even though I selected vpn
    in the connection wizard. I manually enabled this filter and now everything
    works fine. Apparently this filter does not get effected by running the
    connection wizard.

    Thanks you very much everyone who have taken the time to help me on this.

    Regards
     
    John, Aug 9, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.