Remote desktop setup

Thomson / Alcatel
October 13, 2010 at 01:33:04
Specs: Windows server 2003
I have located my router as well as both its internal IP address and it's public IP address and am able to access it using both IP addresses from within the LAN. I have also managed to set up the port forwarding for RDP. However, I am not able to access the router remotely from outside the LAN using it's public IP address, which means that i cannot do RDP into the LAN. Please assist. My router is the Thomson-Alcatel SpeedTouch585.

See More: Remote desktop setup

Report •


#1
October 13, 2010 at 01:59:24
You have to forward port 3389 to the private ip address of the PC you want to connect to via RDP.

BTW: Can you ping your routers public ip address from outside the LAN?

The original poster should always write the last response !!!
Let us know, if the problem is solved !!!


Report •

#2
October 13, 2010 at 02:18:14
I have forwarded port 3389 to the ip address of the PC (running Windows Server 2003) i want to connect to via RDP. When i ping the routers from outside the LAN, the ping requests time out.

Report •

#3
October 13, 2010 at 02:53:35
Is the pc, you're using to ping the routers public ip address, located in the LAN behind that router?

The original poster should always write the last response !!!
Let us know, if the problem is solved !!!


Report •

Related Solutions

#4
October 13, 2010 at 03:11:32
The pc is behind another router in a different LAN

Report •

#5
October 13, 2010 at 03:26:12
Ok, so maybe reply to ping is disabled in the routers setup.
Anyway, you can check, whether the port 3389 is open, by doing an online portscan to that port.
Therefore, you have to use a pc in the lan behind that router, you want to check.
Start the browser and goto
http://www.t1shopper.com/tools/port...
Fill in the port(s) you'd like to check and click scan.

Report back.

The original poster should always write the last response !!!
Let us know, if the problem is solved !!!


Report •

#6
October 13, 2010 at 03:43:36
Thanx Paul. I get the following response:

T1 Shopper.com shows you the DSL, T1 or DS3 providers servicing your area, in real time! Give it a try for free. Just enter a phone number and ZIP code for service here.

Scanning ports on <router>

<router> isn't responding on port 3389 (ms-wbt-server).

I have used <router> to represent the public address of my router.


Report •

#7
October 13, 2010 at 03:48:23
So either the forwarding didn't work, or there is another firewall, maybe at the server itself, running.
Also check whether the server is listening to port 3389 by opening a command prompt (CMD) and type in:
netstat -ant

And again, report back the result :-)

The original poster should always write the last response !!!
Let us know, if the problem is solved !!!


Report •

#8
October 13, 2010 at 04:01:20
I ran the netstat -a and the result shows that it is listening to tcp 3389. In fact i'm able to RDP the server itself from within the lan.

Report •

#9
October 13, 2010 at 04:03:10
Can you not use a service like:

Logmein or Gotomypc


Report •

#10
October 13, 2010 at 05:17:25
Ok and you forwarded the port 3389 to the private ip address of the server, right?
Also crosscheck the ip address, you forward to in the router settings.

The original poster should always write the last response !!!
Let us know, if the problem is solved !!!


Report •

#11
October 13, 2010 at 05:58:15
I ran the netstat -a and the result shows that it is listening to tcp 3389. In fact i'm able to RDP the server itself from within the lan.

Report •

#12
October 13, 2010 at 06:03:55
I have cross checked the IP address in the router settings and it is the private IP address of the server.

Report •

#13
October 13, 2010 at 06:23:41
In fact there are 2 ip addresses for the server, one for the internal LAN and the other for the external WAN. I've just tried to changed the settings in the router for the external WAN and scanned port 3389 but i'm still getting the same result i got earlier.

The same story applies to the router in the other LAN. I'm also not able to ping it nor to see it thru the browser.


Report •

#14
October 13, 2010 at 06:37:13
Ok, did the netstat -a show the following?
 Proto  Local Address          Foreign Address        State
 TCP    0.0.0.0:3389            0.0.0.0:0              LISTENING

That means, both NICs are listening to port 3389.

If so, how about gateway settings on the server?
Only the WAN NIC should have an entry for the default gateway.

The original poster should always write the last response !!!
Let us know, if the problem is solved !!!


Report •

#15
October 13, 2010 at 06:56:03
Only one gateway setting on the WAN nic.

Report •

#16
October 13, 2010 at 07:17:17
In fact there are 2 ip addresses for the server, one for the internal LAN and the other for the external WAN.

Why have you done this?

If your server is sitting out on the internet unprotected except for the builtin Windows firewall (which I wouldn't trust to keep a 5 year old out of my server) then you don't need to port forward on your SOHO Router.

RDC in to the external IP of the server. You may have to "allow" 3389 on the builtin windows firewall on the server.

Also, if you've correctly done the port forward on your SOHO Router, it should appear as "listening" in a port scan. Try going to the "Shields Up" (google it) website and run a port scan that includes 3389 on your router's external IP. If it's closed, you didn't do the port forward correctly.

The port forward on the SOHO Router should point at the internal (LAN) IP of the server. For example, lets say the server's LAN IP = 192.168.0.1

The forward would look as follows:

Forward 3389 to 192.168.0.1

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#17
October 13, 2010 at 08:20:48
This is the setup i find in my client's network and have just started working on it a few days ago. When I rdp using the external WAN ip address though and i check the public ip address, it still comes with the same one for the router.

I have RDCed to the external IP of the server and have allowed the 3389 on the builtin windows (basic firewall). I'm going to the other LAN to test n see if I will see the router thru the browser or ping it.

The Shields Up tool seems a difficult tool to use. I thought i should put the link here http://lifehacker.com/5511734/shiel... to confirm that we are talking about the same thing.


Report •

#18
October 13, 2010 at 08:43:58
Wrong one. I'll post the correct link for you below:

https://www.grc.com/x/ne.dll?bh0bkyd2

On the page that opens up, give a quick read and click on the "Proceed" button to get to the actual scan page.

I would suggest you click on the "User specified custom port" and enter 3389 there. Alternatively, you could click on the "all service ports" button and test a bunch of them.

I would suggest getting the external interface of the server itself working on 3389. If however you need to go through the "back door" (ie: in through the router) you can verify the router's external IP address at "what's my ip" (google that) so you can be sure you're attempting to connect to the correct IP.

I will repeat again my misgiving's at having this server sitting out on the internet the way it is. If your SOHO Router has a DMZ feature, I'd enable it and put the server in the DMZ.

I'm curious how you have this network setup. Do you have two separate internet connections, one to the server, one to the router? Please describe your setup for me. Also, if you could supply me with the make/model of your SOHO Router, I would appreciate it.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#19
October 13, 2010 at 09:28:43
How about a post of an ipconfig /all from the server for review also.
When you are testing the wan ip rdp you are doing this from outside the system correct?

Report •

#20
October 13, 2010 at 12:09:30
I've just finally managed to RDC to the server from my internet connection at home. This is, after RDCing the external IP of the server and allowing the 3389 on the builtin windows firewall. This, i believe, means problem solved. I expect it to work with the other LAN. Will keep u posted on what happens 2moro morning.

Report •


Ask Question