REMOTE DESKTOP does not work anymore

[nugihouser]

My XP system no longer can access via Remote Desktop or any remote control agaent for that matter, yet I can control others. Ihave removed SP2 and uninstalled Symantec Client security, so basically it is a clean system. I can't ping my machine name or IP address from any other machine, but yet I can ping all others. I'm also on the same VLAN. This happens on both my wireless connection and Lan. Any ideas.Thanks in advance

 

[Auger282]

just because you took off sp2 doesnt mean the firewall went away

 

[bcastner]

just because you took off sp2 doesnt mean the firewall went away"

The SP2 version most certainly went away.

 

[LloydSev]

yes, but when you uninstall SP2, it doesn't turn the firewall off again does it?

Computer/Network Technician
CCNA

 

[bcastner]

If you are asking whether in the case you had SP1 with firewall disabled, upgraded to SP2 where the firewall is enabled by default, and then removed SP2, would it then enable the SP1 native firewall?

I honestly do not know. I am certain that they are completely different services, and software packages. And the controlling registry entries are completely different.

However, I do know that the ICS firewall under SP1 will automaticly make provisions for Remote Desktop if RD is enabled on the client, and the firewall is also enabled. (As will the SP2 firewall offer the program exception).

This dog does not hunt as the issue.

I agree with all that a firewall is likely the underlying issue, but if so it is not the native one(s) coming from XP in either Service Pack release.

Look for "hidden" firewalls: many AV programs have "hidden" firewalls; PC-Illan is famous for this. Many VPN clients are famous too -- CISCO VPN client for example.

Do a netstat -an and see if the 3389 port is listening.

 

[nugihouser]

I definatley don't have any firewalls running, Windows or Symantec. My computer is completely stripped. There is not even an option for firewall in the control panel or in my NIC properties.

 

[nugihouser]

Thanks bcastner,

I did uninstall Cisco VPN v4.02, and AT&T dialer, and did the netstat and port 3389 is listening.

 

[bcastner]

Now test the beast.

 

[nugihouser]

Yeah....still nothing... I've reauthenticated my machine to the domain, changed the name, my settings look identical to another PC i have in my cube it that works great...I think I may have to rebuild it, because I need access from home to my computer...but if you have any other ideas that would be awesome..

 

[bcastner]

Two additional notes:

. Deleting the pagefile.sys
There is a bug in the Recovery Console that prevents deleting the pagefile.sys.

Workaround
Boot into Recovery Console.
Because you boot into the %SystemRoot% folder (most commonly the C:\Winnt folder), type the following command
cd \
Type the following command to overwrite the existing Pagefile.sys file with Boot.ini:
copy c:\boot.ini pagefile.sys
Type the following command:
del pagefile.sys

After you copy Boot.ini over to Pagefile.sys, Pagefile.sys appears in the directory listing, and the entry can be removed.


. Daniel Petri's notes on Virtual Memory -- a must read

http://www.petri.co.il/pagefile_optimization.htm

 

[nugihouser]

was this post for me.....does the pagefile.sys have something to do with my firewall issue. Thanks

 

[bcastner]

I apologize. No I wrote that for someone else.

In your case you need to check that 3389 is being forwarded properly by your LAN router to you individual IP address, likely a NAT address.

If there is contention with other port forwards at the router, consider changing the "listening" address, and making adjustments from home:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;306759

Two other thoughts:

. If under SP2, apply this Hotfix even if it does not seem to apply to your particular case:

http://support.microsoft.com/kb/884020

. Remember that testing this on a LAN will fail if you use the WAN ip port of your ISP assigned to the router. You need to use the NAT'd IP address used by your LAN workstations. Routers do not like to have to loopback internally.

Since netstat showed a valid "Listening" state, it is the edge router on your Office setting that is causing you testing difficulties, or the lack of a port forward entry on your home router/modem gateway.

 

[Auger282]

sp1 firewall is a tab in the network connection it isnt in the control pannel or in the nic properties

 

[bcastner]

sp1 firewall is a tab in the network connection it isnt in the control pannel or in the nic properties."

?

I am unsure of the argument you are making. My claim is that the SP1 firewall, if enabled, will use native calls to automaticly open port 3389.

Now if you disable UPnP, client discovery, and other things, (including H.224), then no, it will not open the port.

It seems clear from the discussion that the original poster has a forwarding issue at his edge router to the internet:

I've reauthenticated my machine to the domain, changed the name, my settings look identical to another PC i have in my cube it that works great...

You cannot in this circumstance forward the public WAN IP to several private LAN side IPs. That was the reason for suggestion that at the client side an adjustment be made for a different port than 3389, and on the remote side a matching regedit. On both sides the edge router needs to be told what to do with this traffic.