cant access server via remote desktop

I have 5 servers running Win2k3 and a cisco router between them and the
internet. Inside the network (behind the router/firewall) I can access all
5 servers via remote desktop. However, outside the network I use either
cisco's client vpn or from another site where I have a site to site vpn I
can access all servers but one.

The one that I can't access is running win2k3 and is my terminal services
server. The fact that I can access the other 4 servers tells me that it is
not the VPN or firewall but a setting on the terminal services server, maybe
MTU???. I am new to terminal services so any help would be appreciated.

Dan

Two things for starters, 1) Please do not cross post. 2) It's
always best to follow-up "can't access server" with at least
the specific error you received.

"DG" <(E-Mail Removed)> wrote in message news:
> I have 5 servers running Win2k3 and a cisco router between them and the
> internet. Inside the network (behind the router/firewall) I can access
all
> 5 servers via remote desktop. However, outside the network I use either
> cisco's client vpn or from another site where I have a site to site vpn I
> can access all servers but one.
>
> The one that I can't access is running win2k3 and is my terminal services
> server. The fact that I can access the other 4 servers tells me that it
is
> not the VPN or firewall but a setting on the terminal services server,
maybe
> MTU???. I am new to terminal services so any help would be appreciated.
>
> Dan
>
>

Sorry about crossing posts but I didn't know which to post in.

The error that I get when I try to Remote desktop to my terminal server
while on the VPN is "The client could not connect to the remote computer.
Remote connections might not be enabled or the computer might be too busy to
accept new connections. It is also possible that network problems are
preventing your connection. Please try connecting again later. If the
problem continues to occur, contact your administrator."

I know that remote connections are enabled because I connect to the server
when I am not on the VPN and am inside the firewall. I also know that the
server is not too busy because I am the only one accessing it. My testing
was done with a laptop. When inside the firewall, I am hardwired to the
network. To test the VPN I unplugged the network cable from the laptop and
connected to a wireless router that is outside the firewall and connected a
VPN back through the firewall. I also tested hardwired to a router outside
the firewall w/ the VPN and still receive the same error. I can remote
desktop to all other servers. The servers are all virtual running on the
same machine under VM-Ware.

Dan
"Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
message news:%23K7Alt%(E-Mail Removed)...
> Two things for starters, 1) Please do not cross post. 2) It's
> always best to follow-up "can't access server" with at least
> the specific error you received.
>
> "DG" <(E-Mail Removed)> wrote in message news:
> > I have 5 servers running Win2k3 and a cisco router between them and the
> > internet. Inside the network (behind the router/firewall) I can access
> all
> > 5 servers via remote desktop. However, outside the network I use either
> > cisco's client vpn or from another site where I have a site to site vpn
I
> > can access all servers but one.
> >
> > The one that I can't access is running win2k3 and is my terminal
services
> > server. The fact that I can access the other 4 servers tells me that it
> is
> > not the VPN or firewall but a setting on the terminal services server,
> maybe
> > MTU???. I am new to terminal services so any help would be appreciated.
> >
> > Dan
> >
> >
>
>

Once you are VPN'ed into the system, can you ping the problem terminal
server? Can you telnet rto port 3389 on the terminal server (telnet {ip
address} 3389)?

-M

"DG" wrote:

> Sorry about crossing posts but I didn't know which to post in.
>
> The error that I get when I try to Remote desktop to my terminal server
> while on the VPN is "The client could not connect to the remote computer.
> Remote connections might not be enabled or the computer might be too busy to
> accept new connections. It is also possible that network problems are
> preventing your connection. Please try connecting again later. If the
> problem continues to occur, contact your administrator."
>
> I know that remote connections are enabled because I connect to the server
> when I am not on the VPN and am inside the firewall. I also know that the
> server is not too busy because I am the only one accessing it. My testing
> was done with a laptop. When inside the firewall, I am hardwired to the
> network. To test the VPN I unplugged the network cable from the laptop and
> connected to a wireless router that is outside the firewall and connected a
> VPN back through the firewall. I also tested hardwired to a router outside
> the firewall w/ the VPN and still receive the same error. I can remote
> desktop to all other servers. The servers are all virtual running on the
> same machine under VM-Ware.
>
> Dan
> "Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
> message news:%23K7Alt%(E-Mail Removed)...
> > Two things for starters, 1) Please do not cross post. 2) It's
> > always best to follow-up "can't access server" with at least
> > the specific error you received.
> >
> > "DG" <(E-Mail Removed)> wrote in message news:
> > > I have 5 servers running Win2k3 and a cisco router between them and the
> > > internet. Inside the network (behind the router/firewall) I can access
> > all
> > > 5 servers via remote desktop. However, outside the network I use either
> > > cisco's client vpn or from another site where I have a site to site vpn
> I
> > > can access all servers but one.
> > >
> > > The one that I can't access is running win2k3 and is my terminal
> services
> > > server. The fact that I can access the other 4 servers tells me that it
> > is
> > > not the VPN or firewall but a setting on the terminal services server,
> > maybe
> > > MTU???. I am new to terminal services so any help would be appreciated.
> > >
> > > Dan
> > >
> > >
> >
> >
>
>
>

Follow-Up set to microsoft.public.windows.terminal_services

Is there anything in the EventLog on the server when you try to
connect?
Try the troubleshooting methods here:

186645 - Troubleshooting RDP Client Connection Problems
http://support.microsoft.com/?kbid=186645

--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---

"DG" <(E-Mail Removed)> wrote on 03 maj 2005 in
microsoft.public.windows.terminal_services:

> Sorry about crossing posts but I didn't know which to post in.
>
> The error that I get when I try to Remote desktop to my terminal
> server while on the VPN is "The client could not connect to the
> remote computer. Remote connections might not be enabled or the
> computer might be too busy to accept new connections. It is
> also possible that network problems are preventing your
> connection. Please try connecting again later. If the problem
> continues to occur, contact your administrator."
>
> I know that remote connections are enabled because I connect to
> the server when I am not on the VPN and am inside the firewall.
> I also know that the server is not too busy because I am the
> only one accessing it. My testing was done with a laptop. When
> inside the firewall, I am hardwired to the network. To test the
> VPN I unplugged the network cable from the laptop and connected
> to a wireless router that is outside the firewall and connected
> a VPN back through the firewall. I also tested hardwired to a
> router outside the firewall w/ the VPN and still receive the
> same error. I can remote desktop to all other servers. The
> servers are all virtual running on the same machine under
> VM-Ware.
>
> Dan
> "Michael Giorgio - MS MVP" <(E-Mail Removed)>
> wrote in message
> news:%23K7Alt%(E-Mail Removed)...
>> Two things for starters, 1) Please do not cross post. 2) It's
>> always best to follow-up "can't access server" with at least
>> the specific error you received.
>>
>> "DG" <(E-Mail Removed)> wrote in message news:
>> > I have 5 servers running Win2k3 and a cisco router between
>> > them and the internet. Inside the network (behind the
>> > router/firewall) I can access
>> all
>> > 5 servers via remote desktop. However, outside the network I
>> > use either cisco's client vpn or from another site where I
>> > have a site to site vpn
> I
>> > can access all servers but one.
>> >
>> > The one that I can't access is running win2k3 and is my
>> > terminal
> services
>> > server. The fact that I can access the other 4 servers tells
>> > me that it
>> is
>> > not the VPN or firewall but a setting on the terminal
>> > services server,
>> maybe
>> > MTU???. I am new to terminal services so any help would be
>> > appreciated.
>> >
>> > Dan

Yes I can ping server, no I can not telnet port 3389.

I can use "Net View \\computername" against the server and connect to shares
on the server. I can also logon to the server console and RDP to itself.
This lend me to believe that it is a Firewall port issue. Other that the
fact that I can RDP other servers.

I will call my Cisco guy to see if he has something in the firewall that he
meant to turn on but turned off specific to my termial servers IP address.

Dan
"Matthew Harris [MVP]" <(E-Mail Removed)> wrote in message
news:675D2300-97F4-4FFF-B41A-(E-Mail Removed)...
> Once you are VPN'ed into the system, can you ping the problem terminal
> server? Can you telnet rto port 3389 on the terminal server (telnet {ip
> address} 3389)?
>
> -M
>
> "DG" wrote:
>
> > Sorry about crossing posts but I didn't know which to post in.
> >
> > The error that I get when I try to Remote desktop to my terminal server
> > while on the VPN is "The client could not connect to the remote
computer.
> > Remote connections might not be enabled or the computer might be too
busy to
> > accept new connections. It is also possible that network problems are
> > preventing your connection. Please try connecting again later. If the
> > problem continues to occur, contact your administrator."
> >
> > I know that remote connections are enabled because I connect to the
server
> > when I am not on the VPN and am inside the firewall. I also know that
the
> > server is not too busy because I am the only one accessing it. My
testing
> > was done with a laptop. When inside the firewall, I am hardwired to the
> > network. To test the VPN I unplugged the network cable from the laptop
and
> > connected to a wireless router that is outside the firewall and
connected a
> > VPN back through the firewall. I also tested hardwired to a router
outside
> > the firewall w/ the VPN and still receive the same error. I can remote
> > desktop to all other servers. The servers are all virtual running on the
> > same machine under VM-Ware.
> >
> > Dan
> > "Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote
in
> > message news:%23K7Alt%(E-Mail Removed)...
> > > Two things for starters, 1) Please do not cross post. 2) It's
> > > always best to follow-up "can't access server" with at least
> > > the specific error you received.
> > >
> > > "DG" <(E-Mail Removed)> wrote in message news:
> > > > I have 5 servers running Win2k3 and a cisco router between them and
the
> > > > internet. Inside the network (behind the router/firewall) I can
access
> > > all
> > > > 5 servers via remote desktop. However, outside the network I use
either
> > > > cisco's client vpn or from another site where I have a site to site
vpn
> > I
> > > > can access all servers but one.
> > > >
> > > > The one that I can't access is running win2k3 and is my terminal
> > services
> > > > server. The fact that I can access the other 4 servers tells me
that it
> > > is
> > > > not the VPN or firewall but a setting on the terminal services
server,
> > > maybe
> > > > MTU???. I am new to terminal services so any help would be
appreciated.
> > > >
> > > > Dan
> > > >
> > > >
> > >
> > >
> >
> >
> >

If that turns up empty you could use a network monitor or
another sniffer to capture the packets on either side of
the firewall to see where the packets are being dropped.

"DG" <(E-Mail Removed)> wrote in message news:
> Yes I can ping server, no I can not telnet port 3389.
>
> I can use "Net View \\computername" against the server and connect to
shares
> on the server. I can also logon to the server console and RDP to itself.
> This lend me to believe that it is a Firewall port issue. Other that the
> fact that I can RDP other servers.
>
> I will call my Cisco guy to see if he has something in the firewall that
he
> meant to turn on but turned off specific to my termial servers IP address.
>

Well, it's been awhile since I check this, can't remember if it was under
W2K/TS or W2K3 Remote Desktop, but...

I found that I needed FQDN resolution to connect. IOW, Doing a TS/RD
session to IP 1.2.3.4 wouldn't work, or NETBIOS machine name either (11 char
max). It had to be a FQDN like (E-Mail Removed).

So, if that is still true, make sure from the client machine you can resolve
the TS's (E-Mail Removed), then make sure you put that into the
Remote Desktop window when attempting to connect.

If you can't resolve it, you could manually edit the local host file to
achieve it for testing purposes at least.

-Frank

"DG" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Sorry about crossing posts but I didn't know which to post in.
>
> The error that I get when I try to Remote desktop to my terminal server
> while on the VPN is "The client could not connect to the remote computer.
> Remote connections might not be enabled or the computer might be too busy
> to
> accept new connections. It is also possible that network problems are
> preventing your connection. Please try connecting again later. If the
> problem continues to occur, contact your administrator."
>
> I know that remote connections are enabled because I connect to the server
> when I am not on the VPN and am inside the firewall. I also know that the
> server is not too busy because I am the only one accessing it. My testing
> was done with a laptop. When inside the firewall, I am hardwired to the
> network. To test the VPN I unplugged the network cable from the laptop
> and
> connected to a wireless router that is outside the firewall and connected
> a
> VPN back through the firewall. I also tested hardwired to a router outside
> the firewall w/ the VPN and still receive the same error. I can remote
> desktop to all other servers. The servers are all virtual running on the
> same machine under VM-Ware.
>
> Dan
> "Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
> message news:%23K7Alt%(E-Mail Removed)...
>> Two things for starters, 1) Please do not cross post. 2) It's
>> always best to follow-up "can't access server" with at least
>> the specific error you received.
>>
>> "DG" <(E-Mail Removed)> wrote in message news:
>> > I have 5 servers running Win2k3 and a cisco router between them and the
>> > internet. Inside the network (behind the router/firewall) I can access
>> all
>> > 5 servers via remote desktop. However, outside the network I use
>> > either
>> > cisco's client vpn or from another site where I have a site to site vpn
> I
>> > can access all servers but one.
>> >
>> > The one that I can't access is running win2k3 and is my terminal
> services
>> > server. The fact that I can access the other 4 servers tells me that
>> > it
>> is
>> > not the VPN or firewall but a setting on the terminal services server,
>> maybe
>> > MTU???. I am new to terminal services so any help would be
>> > appreciated.
>> >
>> > Dan
>> >
>> >
>>
>>
>
>

Oops.. change all the "@" symbols below to periods ".". FQDN! Had a
momentary greyout I guess LOL!

-Frank

"Frankster" <(E-Mail Removed)> wrote in message
news:WaidnYP5rdhHFebfRVn-(E-Mail Removed)...
> Well, it's been awhile since I check this, can't remember if it was under
> W2K/TS or W2K3 Remote Desktop, but...
>
> I found that I needed FQDN resolution to connect. IOW, Doing a TS/RD
> session to IP 1.2.3.4 wouldn't work, or NETBIOS machine name either (11
> char max). It had to be a FQDN like (E-Mail Removed).
>
> So, if that is still true, make sure from the client machine you can
> resolve the TS's (E-Mail Removed), then make sure you put that
> into the Remote Desktop window when attempting to connect.
>
> If you can't resolve it, you could manually edit the local host file to
> achieve it for testing purposes at least.
>
> -Frank
>
> "DG" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Sorry about crossing posts but I didn't know which to post in.
>>
>> The error that I get when I try to Remote desktop to my terminal server
>> while on the VPN is "The client could not connect to the remote computer.
>> Remote connections might not be enabled or the computer might be too busy
>> to
>> accept new connections. It is also possible that network problems are
>> preventing your connection. Please try connecting again later. If the
>> problem continues to occur, contact your administrator."
>>
>> I know that remote connections are enabled because I connect to the
>> server
>> when I am not on the VPN and am inside the firewall. I also know that
>> the
>> server is not too busy because I am the only one accessing it. My
>> testing
>> was done with a laptop. When inside the firewall, I am hardwired to the
>> network. To test the VPN I unplugged the network cable from the laptop
>> and
>> connected to a wireless router that is outside the firewall and connected
>> a
>> VPN back through the firewall. I also tested hardwired to a router
>> outside
>> the firewall w/ the VPN and still receive the same error. I can remote
>> desktop to all other servers. The servers are all virtual running on the
>> same machine under VM-Ware.
>>
>> Dan
>> "Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
>> message news:%23K7Alt%(E-Mail Removed)...
>>> Two things for starters, 1) Please do not cross post. 2) It's
>>> always best to follow-up "can't access server" with at least
>>> the specific error you received.
>>>
>>> "DG" <(E-Mail Removed)> wrote in message news:
>>> > I have 5 servers running Win2k3 and a cisco router between them and
>>> > the
>>> > internet. Inside the network (behind the router/firewall) I can
>>> > access
>>> all
>>> > 5 servers via remote desktop. However, outside the network I use
>>> > either
>>> > cisco's client vpn or from another site where I have a site to site
>>> > vpn
>> I
>>> > can access all servers but one.
>>> >
>>> > The one that I can't access is running win2k3 and is my terminal
>> services
>>> > server. The fact that I can access the other 4 servers tells me that
>>> > it
>>> is
>>> > not the VPN or firewall but a setting on the terminal services server,
>>> maybe
>>> > MTU???. I am new to terminal services so any help would be
>>> > appreciated.
>>> >
>>> > Dan
>>> >
>>> >
>>>
>>>
>>
>>
>
>

Must have been W2k because I have no problem at all
connecting to my TS servers via tcp/ip address and not
FQDN.

"Frankster" <(E-Mail Removed)> wrote in message news:
> Well, it's been awhile since I check this, can't remember if it was under
> W2K/TS or W2K3 Remote Desktop, but...
>
> I found that I needed FQDN resolution to connect. IOW, Doing a TS/RD
> session to IP 1.2.3.4 wouldn't work, or NETBIOS machine name either (11
char
> max). It had to be a FQDN like (E-Mail Removed).
>
> So, if that is still true, make sure from the client machine you can
resolve
> the TS's (E-Mail Removed), then make sure you put that into the
> Remote Desktop window when attempting to connect.
>
> If you can't resolve it, you could manually edit the local host file to
> achieve it for testing purposes at least.
>