RDC stopped working when I change IP settings to get VPN working!

Discussion in 'Windows Small Business Server' started by John F Kappler, Oct 4, 2006.

  1. This is SBS 2003 Premium.

    I've been trying to get VPN working and was needed to revise the IP
    settings for our two network cards. (This is a follow on to a number
    of previous threads but I need to get this part fixed asap).

    The IPCONFIG /ALL now looks like

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : x00
    Primary Dns Suffix . . . . . . . : <domain>.local
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : Yes
    DNS Suffix Search List. . . . . . : <domain>.local

    Ethernet adapter Router:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP NC3123 Fast Ethernet NIC #2
    Physical Address. . . . . . . . . : 00-50-8B-65-B0-9B
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.251
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.253
    DNS Servers . . . . . . . . . . . : 192.168.1.251
    Primary WINS Server . . . . . . . : 192.168.0.251
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Ethernet adapter LAN:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP NC3123 Fast Ethernet NIC
    Physical Address. . . . . . . . . : 00-50-8B-65-AE-14
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.0.251
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.0.251
    Primary WINS Server . . . . . . . : 192.168.0.251

    The device on 1.253 is a router with built-in adsl modem. It has port
    forwarding enabled for the usual remote access, all to 192.168.1.251

    Nothing has been changed on the router, and RDC was working (to the
    static ip address).

    However, RDC has now stopped with the message "client could not
    connect to the remote computer ...."

    There dont seem to any relevant error messages in the Event Viewer.

    Any ideas whats gone wrong?

    TIA,

    JohnK
     
    John F Kappler, Oct 4, 2006
    #1
    1. Advertisements

  2. Ignore this!

    I've fixed it by turning off the SBS Firewall. We still have the
    hardware firewall, but would be interested to know why the firewall
    wasn't letting RDC through!

    Cheers

    JohnK
     
    John F Kappler, Oct 4, 2006
    #2
    1. Advertisements

  3. So I guess my question is, when I use CEICW to setup the firewall,
    what do I have to do to ensure RDC will work?

    Many thanks,

    JohnK
     
    John F Kappler, Oct 4, 2006
    #3
  4. Thanks for that Jim. I've removed the WINS entry and the other one was
    in fact correct but the IPCONFIG capture was an old one! Sorry.

    Would still like to know how to answer the CEICW Firewall questions to
    ensure RDC still works!

    Cheers

    JohnK
     
    John F Kappler, Oct 4, 2006
    #4
  5. You enable it on the CEICW page called "Web Services Configuration." See
    http://www.sbs-rocks.com/sbs2k3/sbs2k3-n2.htm.

    If there's still anything amiss with your IP configuration, the CEICW will
    fix that as well. IMO you're generally better off making IP settings with
    the CEICW or the change IP address wizard.
     
    Dave Nickason [SBS MVP], Oct 4, 2006
    #5
  6. OK, sorry, I was thinking RWW.

    If you are connecting over VPN first, you should be able to use RDP to
    client PCs without setting anything else on the SBS or in ISA. If that's
    the case, see if you can RDP to the PC from inside the LAN. You could be
    dealing with a setting on the client PC or server, or user permissions - I
    have inbound TS and port 3389 blocked, and I use RDP all the time over VPN.

    For direct RDP from a remote PC to the SBS, you need to enable the "SBS RDP
    Server Access Rule" in ISA. Terminal Services (port 3389) needs to be
    enabled on any firewall device.

    The first thing is to see if you can get the access you're seeking from the
    LAN side. And on a related note, it seems like allowing direct inbound RDP
    would be quite a bit less secure than either connecting the VPN, then RDP,
    or just using RWW. I've allowed direct inbound RDP to the server while
    troubleshooting (allowing a PSS rep in remotely, for example), but with the
    newer technologies like Livemeeting, I don't even do that any more.
     
    Dave Nickason [SBS MVP], Oct 5, 2006
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.