Remote access help

Microsoft Windows server 2000 w/ sp2
February 10, 2010 at 13:07:15
Specs: Microsoft Windows Server 2000 w/ SP2
We have a Windows 2000 server that we use as a terminal server that people can connect to remotely. We just got a new router/modem, and I have pointed it to allow the server to be DMZ, and I think I have the settings correct in the server, but when employees type in our ip to connect, it says unable to connect to the computer. They connect via remote desktop connection.

They used to connect through our other windows 2000 machine, which I believe was acting as the router, but the machine they controlled was the one I mentioned above. I have terminal services active and it has open licenses for people to use installed.

Any ideas at all would be helpful!

See More: Remote access help

Report •

February 10, 2010 at 13:34:59
Server should not be in the DMZ. This puts the server at risk.

You configure the router for forward the rdp port 3389 to the static ip address of the server.

Users access this by going into their remote rdp session and putting in wanipaddress:3389

Highly advise you have a static ip for the wan port of the router.

Report •

February 10, 2010 at 13:44:22
I can tell the firewall to take it off dmz and to forward that port to the server, but I don't quite understand users "putting in wanipaddress:3389"? They have to input the ip address of our building to access it, correct?

Report •

February 10, 2010 at 13:58:02
Also, from what I can tell, people are getting through to the server, but I don't know that I have the settings correct on the server to allow them the remote access.

Report •

Related Solutions

February 10, 2010 at 14:03:08
You would not change anything on the server. If worked before right?

How were people using rdp to connect before if they were not using your routers wan ip address and the rdp port number?

Or were they connecting to the 2000 wkst and then rdp to the server?

Report •

February 10, 2010 at 17:03:28
In rdp they would just type in our IP (our static ip at the building) and it would connect to the terminal server and they would input their user name and password to log in and control the computer.

Report •

February 10, 2010 at 17:14:20
Ok. Server has exactly the same ip address as before?

Report •

February 10, 2010 at 17:42:11
Externally there is a new static ip address, internally we have not changed anything. We have opened up the port and pointed it at the server when people try to connect from outside the building. When connecting via rdp we are using the new ip address.

Report •

February 10, 2010 at 18:42:11
That sounds correct to me.
open the port - check

[though this is a security risk imho, don't make it easy for hackers. At the very least change the listening port on the server to a different port number than the standard and open that port instead.

Does your router have any logging capability? If you could log the wan request denials it should give a clue why they were denied.

Static ip is that of the wan port of the router correct? Have you confirmed?

Report •

February 10, 2010 at 19:43:54
Yes it is the ip of the wan port. I have a thought. When I tried to make the server we are trying to connect to the dmz, it said it was unable because the computer has a static dhcp, and that I needed to make it obtain one automatically. I went to tcp/ip properties and did that, and rebooted it, and rebooted the modem/router, and it still gave me that message.

I confirmed in ipconfig/all that the ip indeed had changed from to (or something, but it was different). I did another ipconfig/all and saw that the dhcp address was, which is the ip of our main windows 2000 server. I do know that dhcp is turned on on that machine. If I turn it off do you think that would allow it to connect correctly?

Report •

Ask Question