Windows 2000 Terminal Server

[welshgirl]

Can someone please point me in the right direction to setting up a remote Terminal Server connection.

I have installed Terminal Services on our W2K Server and can connect using the client side to TS on our internal connection. However not sure how to set up and connect remotely.

I'm running a small internal network with W2K Server running TS and IIS. A router for internal IP routing and Internet Access on a fixed IP. If I trying accessing TS using the fixed IP address I get Server Busy message.

Any help or advice appreciated.

 

[Dmasch]

You need to open up port 3389 on your router and point it to your servers internal address.
To test and make sure that your TS side is working you could try and run a session internally, if you can it is your router that is blocking you.

 

[welshgirl]

Thanks for your reply. I have enabled port forwarding to our local server IP on port 3389 and still did not work. Do I have to do anything else to enable the port? I've looked at all the router settings and can't see anything else to do with ports.
Yes I can run TS internally over the LAN.

 

[RRoth]

How are you accessing the TS internally??? Via IP or DNS entry? I have it configured here with a DNS entry that hits my firewall/router and then it forwards it over to my TS machine. That works fine. Or you can hit the IP of your router which will then forward it over automatically to the TS machine. That should solve the problem. Also besure that the proper ports can go out as well as in.

Also are you connecting to it via ICA or RDP???

 

[welshgirl]

When I access TS Internally I use the TS Client and type the internal address of our Server 192.168.0.25 and it works OK. I guess this is bypassing the router??? I haven't tried addressing it to the router internally to see if it forwards will try that tomorrow.

Connecting via RDP. Tried from Win98, XP and W2K Client just in case!! Still no joy with remote connection.

Basic settings on router:
Router IP 192.168.0.1
Server IP 192.168.0.25
Port forwarding: Start 3389 end 3389 forward 192.168.0.25

WAN Port Config:
Internet IP x.x.x.x
DHCP: None
IP Subnet: 0.0.0.0(Cant find where to set a subnet for this)

LAN Port Config:
IP Address: 192.168.0.1
DHCP:Server (don't know where it picked this up from)
IP Subnet 255.255.255.0

There four tabs:
Show PPPoA Status - Comes up connected OK
Show PPPoE Status - Connection to Server Failed
Show Statistics: - Just Tx Rx data
Ping Status: Ping ok

 

[PaulGillespie]

Can you try another router? I've had older routers that have not forwarded ports although thay have been configured correctly.

Paul

 

[welshgirl]

I don't have another router here and this is only about two months old, could it possibly be faulty?

This morning I tried to connect to TS internally with router address instead of server address but same server busy error, so I think its definately router.

 

[Sofestibeest]

Hi,

I had a simelar problem. My router did grant access from beyond the LAN. I checked everything internally. Everything was fine. My conclusion was that it must be the router. However, everything was set-up correctly. The router was not faulty because it just came out of the store. My solution t was to check te website of the manufacturor of the router. It had a bios/firmware update. I installed it powerd down/up the router and voila, everything worked just fine.

I hope this may help.

Regards

 

[Dmasch]

From outside are you using the public ip of the router?
You need to use that from the outside and the router will see the request and forward it over to the TS. What brand of router are you using? If it is only 2 months old it should be able to work.

 

[RRoth]

It does sound as if the router is not routing properly. Could be a bios issue. Could also be an issue with the outgoing ports. Be sure that 3389 is open to travel out too. Try the firmware update as suggested above if all things are done correctly.

 

[welshgirl]

Thanks for replies. Yes using public ip when trying to access from outside and tried upgrading firmware to newest version still no joy just frustration!

Its a Netgear DG814 router. I can't find anywhere to set outgoing port seperately just port forwarding.

 

[welshgirl]

Checked the direction and it has the option of in, out or both. Both selected.

 

[mwiner]

Ok.. try this just for testing. Take the IP addy of the server and put it in the DMZ of the router. Now from the outside world try to connect to it from TS. Make sure it is working properly. From here I would check the setting on the router. I know on the linsys router I have If I say start: 3389, end: 3389 it doesn't work for me. I have to say start: 0, end: 3389. For me that is NOT every port from 0-3389. It is only port 3389. So maybe try that. But I would check to make sure it doesn't open every port on your router.

What I have done to create a more secure Terminal Service is to run a ssh server on the inside of my network. And only open SSH through the firewall. Now from the outside world SSH in, and using port-forwarding in SSH (The client I use is Putty - free and easy to use) I can terminal service to 127.0.0.1 (local host) and forward port 3389 across the ssh connection and to the host on the inside.

The benefit of this are a few things. Now the Terminal Service connection is secured. I can compress the connection so TS runs even faster and I don't have to open a potential problematic port in Windows.

Let me know if this workes for you. If you have any question about the port forwarding let me know. *just a note about that - Windows 2000 will allow a TS connection to 127.0.0.1. However Windows XP does not, but there is a patch on Microsoft's site to allow it.

Good luck!

-Matt

 

[welshgirl]

Thanks for all your advice. I have been through all the settings with Netgear and they say nothing wrong with router!

I tried entering the Server address in DMZ and still had Server busy message....any more suggestions, getting very frustrated!