Setting up a remote access (2003) Server...

[Tom McNally]

I have a simple (nothing's simple..) network setup on dedicated static IP
addresses -- 3 Servers, one of which is a production/public web server, a AD
box and a dev/web server acting as a secondary AD. In addition we have 3-5
active workstations, running XP Prof SP1. I can easily connect to the
servers via the internal network, however I'm not getting anywhere when I
try to access port 3389 from outside the network, via one of my static IPs.

Have configured my firewall box to allow incoming transmissions on port 3389
and directed them to one of the servers, but no go. Tries a connection and
then times out.

I have a VPN connection to a client on several of the workstations, and that
seems to work perfectly, so it's obviously something up with my firewall (a
Watchguard), or with my IPs network/name server settings -- which I can also
adminster and add records to. Currently I just have my Web and FTP server
running through this thing, and this works fine. Anything I need to do
(beyond enabling access) on the server? Have specified the port in my
connection string from the XP boxes as xxx.xxx.xxx.xxx:3389 but still
nothing doing.

Thanks in advance.
Tom

 

[Jeffrey Randow (MVP)]

Only things I can suggest is to double check the ip address you
entered into your router for the 3389 packets to be forwarded to...

Also, I am not clear about what other services are running on the W2K3
box, but make sure that the Internet Connection Firewall isn't enabled
on the server machine (just as a check)...

Jeffrey Randow (Windows MVP - Networking & Smart Display)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Wiki -
http://www.remotenetworktechnology.com
Smart Display Support - http://www.smartdisplays.net
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

 

[Ray]

Look at your DNS record if you made one. Make sure its correct. AD works
very closly with it an can be touchy. Also look into forcing a change in the
ports for the 3389 In the regedit. Look in the firewall logs. Make sure you
are connecting an maybe getting stuck there. If not go to the server. Look
at the logs there. See if it might be software realated. Look in to any
trusts you might or might not have on your DC. Make sure the user you are
connection with has proper rights, make sure any groups they may be dont
have rights that can over write another as far as your groups might be
concerned. Look in your policy settings. Just some places to look.