Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can't RDP to client machines on different subnet but can with servers

Status
Not open for further replies.

shakatak

Technical User
Aug 13, 2006
67
US
I am having a problem where I am unable to use remote assistance or remote desktop to client machines on a different subnet but I am able to remote into the DC on the other subnet and then I can RDP into the client machines that way. Is there a feature in GP that I can change that would allow me to RDP directly to the client machines in a different subnet without having to RDP into the DC every time?
 
possibly windows firewall also do you have a route from your PC to this other subnet
 
No, it's not the windows firewall and yep, we do have a route to the other subnet. Is there something in group policy that would allow me make a rdp connection to a different subnet on the same domain?
 
I would say that it sounds like the firewall as well if RDP is alowed for the local subnet then the DC's would be able to connect but you wouldn't from the remote subnet.
 
I can remote from my client xp machine on subnet 10.10.1.x to the dc on subnet 10.10.100.x but when I want to remote/assist a user on the 10.10.100.x subnet it won't let me. The only way I can do it is by rdp to the dc on the 10.10.100.x subnet.
 
for a test could you install VNC onto one of these PC's and connect this way. It will at least point you in the right direction i.e. Group policy not allowing Windows RDP . There are some policies that can stop RDP connection s to PC's
 
To check to ensure that you can connect, try using telnet from a DOS prompt and at least that will confirm whether you can communicate on 3389 or not. Eg:

telnet servernameorip 3389

This will either give you a blank screen (successful) or give you an error message (not successful)

--------------------------------------
"Insert funny comment in here!"
--------------------------------------
 
thanks...I will try the steps you guys recommended.
 
It could be an access list on the router/switch blocking all the PCs on your subnet from accessing all machines, except the DC, on the other subnet. Which may make sense because you would want to allow domain controller traffic through the access list so that DCs on separate subnets can replicate.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top