Discussion:
Cannot get RDP to work with one client (won't work even inside the network)
cgmsys
2007-11-05 18:41:39 UTC
I have a situation where we have

- Server 2003
- Active Directory
- 1 server
- about 10 clients running xp pro (upgraded in many cases from 2000)
- Norton Corporate AV 10.2
- Users logging onto the domain in some cases and the machine in
others.

Previously we were able to RDP into the 6 computers and server where
we really needed to from outside. It appears that the group policies
were not being applied to the machines. I fixed that and I'm not sure
if it caused the current problem.

We have one machine in particular that we need to be able to RDP in.
We have all the port forwarding set up with the linksys router. The
problem is that we can't even RDP into the machine from inside the
network. Here are some of the specifics:

- Machine is XP pro, all latest patches
- NAV corp 10.1 is running as a managed av. It is not the firewall
version
- RDP is enabled in SYSTEM in the control panel
- I've added just about every user I can think of for now to the RDP
list
- I've added DOMAIN\EVERYONE as a user
- Windows firewall is reporting that it is disabled most likely due to
the group policies so it should not be a problem.
- The machine is set up in Active Directory and DNS on the server
exactly the same way the other machines are set up.
- If I run a port scan against that machine (.200) I see that 3389 is
closed. 3389 is open on the machines where we can access them via
rdp.
- We are trying to RDP in using an administrator account. Again we
can hit all of the other machines.
- We tried the Remote Computers snap in. You can see the computer but
it only tries to connect for a second and then says Disconnected
- We tried the RDP app using both the machine name and IP.
- We can't access the problem machine from any machine on the network.
However those machines can access the other RDP capable machines
- I went through the local policies on the problem machine and they
seem to match the other computers.
- I tried deleting the machine from the Active Directory and DNS
server and redoing it. No Change.
- I changed the problem machine from the domain to workgroup and then
back to the domain (per an MS KB article)
- I tried undoing and redoing the RDP capability on the problem
machine
- I can ping and tracert to the problem machine. All other stuff
including their legacy system, exchange and server file access works
fine.
- I've done the "force group policy" thing on the server and the
client.
- Tried logging onto the problem client as admin and all rdp requests
are coming from a machine logged on as Administrator.


It seems to me that something is blocking 3389
- It is possible that there was an older firewall on the machine but I
don't see any evidence of that.
- Is it possible that some previous rdp connection is 'stuck' and
needs to be reset?
- Previously, they were a little lax in their Antivirus and Windows
updates. I suppose it could be some trojan. We are running daily
scans with Norton and have run spybot against the machine.

Again, port forwarding should not be an issue since we can't even rdp
inside the network. I did go through the router to see if there was
any triggering or similar issues.

I'd really appreciate any ideas on how to fix this.

thanks

chris
-
cgmsys
2007-11-07 00:48:01 UTC
FOUND THE MAIN PROBLEM....

I did some internal port scans and found out that the problem client
was not listening on 3389 but rather 3390. Apparently someone had
modified the registry some time ago. I changed the registry and we can
now get to the machine by logging straight into the server and going
through "remote desktops" or RDP directly to the client machine's
192.168 address.

I still can't get in by using IP:port from a computer outside the
network. Port forwarding seems to be set up OK but at least we have
fairly decent access for now...

cg
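
The root cause found in the follow-up post, a registry change that moved the RDP listener from 3389 to 3390, can be confirmed on the affected machine itself. The script below is an added example, not part of the original thread; it assumes the standard Terminal Server registry location for `PortNumber` and `fDenyTSConnections` (the thread does not name the key), PowerShell 3.0 or later, and English `netstat` output.

```powershell
# Added example (not from the thread). Run locally on the machine that refuses RDP.
# Assumptions: PowerShell 3.0+, English netstat output ("LISTENING").
$tsKey       = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey      = "$tsKey\WinStations\RDP-Tcp"
$defaultPort = 3389

function Get-RdpListenerReport {
    # Port the RDP listener is configured to bind (DWORD value PortNumber).
    $configured = [int](Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
    # fDenyTSConnections: 0 = remote connections allowed, 1 = refused.
    $denied  = [int](Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
    $service = Get-Service -Name TermService

    # Collect every TCP port that netstat reports in LISTENING state.
    $listening = @(netstat -an | ForEach-Object {
        if ($_ -match '^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING') { [int]$Matches[1] }
    } | Sort-Object -Unique)

    # Work from the most basic cause to the one seen in the thread.
    $finding = if ($denied -ne 0) {
        'Remote Desktop is disabled (fDenyTSConnections is not 0).'
    } elseif ($service.Status -ne 'Running') {
        "TermService is $($service.Status), so nothing can listen."
    } elseif ($listening -notcontains $configured) {
        "PortNumber is $configured but nothing listens there; a registry change may still need a TermService restart or reboot."
    } elseif ($configured -ne $defaultPort) {
        "RDP listens on $configured, not $defaultPort. Clients and port-forward rules must target $configured, or PortNumber must be reset."
    } else {
        "RDP listens on the default port $defaultPort."
    }

    [pscustomobject]@{
        ConfiguredPort  = $configured
        RdpAllowed      = ($denied -eq 0)
        ServiceStatus   = $service.Status
        ListeningOnPort = ($listening -contains $configured)
        Finding         = $finding
    }
}

Get-RdpListenerReport | Format-List
```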
