Traffic block by server

Hi!

I have a w2003 server with AD running with a IIS server in my network, also
I have a alcatel router/proxy/firewall that manages the internet
conenction.

Every thing works fine, but I can't access the server from outside my
network, Ex: I've routed the port 3389 to point to the server, but I always
get connection time out, however if I point it to another pc on the network
it works fine!

I' ve run out of ideias,

thanks

Can you telnet server port 3389 internally?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Nuno Gomex" <(E-Mail Removed)> wrote in message news:%(E-Mail Removed)...
Hi!

I have a w2003 server with AD running with a IIS server in my network, also
I have a alcatel router/proxy/firewall that manages the internet
conenction.

Every thing works fine, but I can't access the server from outside my
network, Ex: I've routed the port 3389 to point to the server, but I always
get connection time out, however if I point it to another pc on the network
it works fine!

I' ve run out of ideias,

thanks

Thank's

Yes

"Robert L [MVP - Networking]" <(E-Mail Removed)> escreveu na mensagem news:(E-Mail Removed)...
Can you telnet server port 3389 internally?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Nuno Gomex" <(E-Mail Removed)> wrote in message news:%(E-Mail Removed)...
Hi!

I have a w2003 server with AD running with a IIS server in my network, also
I have a alcatel router/proxy/firewall that manages the internet
conenction.

Every thing works fine, but I can't access the server from outside my
network, Ex: I've routed the port 3389 to point to the server, but I always
get connection time out, however if I point it to another pc on the network
it works fine!

I' ve run out of ideias,

thanks

I forgot to said that the alcatel router works like a standard machine only in linux, and I suspect that it has something to do with that.
"Robert L [MVP - Networking]" <(E-Mail Removed)> escreveu na mensagem news:(E-Mail Removed)...
Can you telnet server port 3389 internally?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Nuno Gomex" <(E-Mail Removed)> wrote in message news:%(E-Mail Removed)...
Hi!

I have a w2003 server with AD running with a IIS server in my network, also
I have a alcatel router/proxy/firewall that manages the internet
conenction.

Every thing works fine, but I can't access the server from outside my
network, Ex: I've routed the port 3389 to point to the server, but I always
get connection time out, however if I point it to another pc on the network
it works fine!

I' ve run out of ideias,

thanks

Forget connecting like that anyway. That is reallty bad to expose TS (RDP)
to the Internet anyway. Use VPN then do your work inside the VPN Tunnel.
Some Devices (like ISA Server) can even control what machine can be accessed
by a particular VPN user after they connect and what protocols they can use
when they do it.


--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/IS...cessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/downlo...7/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/t...dance/2004.asp
http://www.microsoft.com/isaserver/t...dance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/pro...isaserver.mspx
-----------------------------------------------------




"Nuno Gomex" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Hi!
>
> I have a w2003 server with AD running with a IIS server in my network,
> also I have a alcatel router/proxy/firewall that manages the internet
> conenction.
>
> Every thing works fine, but I can't access the server from outside my
> network, Ex: I've routed the port 3389 to point to the server, but I
> always get connection time out, however if I point it to another pc on the
> network it works fine!
>
> I' ve run out of ideias,
>
> thanks
>

Thanks,

but i really need to access the server, not to RDP but the mysql service,
the RDP is an example and a way to test that it isn't the mysql server
that's gone wrong.


"Phillip Windell" <@.> escreveu na mensagem
news:(E-Mail Removed)...
> Forget connecting like that anyway. That is reallty bad to expose TS
> (RDP) to the Internet anyway. Use VPN then do your work inside the VPN
> Tunnel. Some Devices (like ISA Server) can even control what machine can
> be accessed by a particular VPN user after they connect and what protocols
> they can use when they do it.
>
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/IS...cessRules.html
>
> Troubleshooting Client Authentication on Access Rules in ISA Server 2004
> http://download.microsoft.com/downlo...7/ts_rules.doc
>
> Microsoft Internet Security & Acceleration Server: Guidance
> http://www.microsoft.com/isaserver/t...dance/2004.asp
> http://www.microsoft.com/isaserver/t...dance/2000.asp
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
>
> Deployment Guidelines for ISA Server 2004 Enterprise Edition
> http://www.microsoft.com/technet/pro...isaserver.mspx
> -----------------------------------------------------
>
>
>
>
> "Nuno Gomex" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> Hi!
>>
>> I have a w2003 server with AD running with a IIS server in my network,
>> also I have a alcatel router/proxy/firewall that manages the internet
>> conenction.
>>
>> Every thing works fine, but I can't access the server from outside my
>> network, Ex: I've routed the port 3389 to point to the server, but I
>> always get connection time out, however if I point it to another pc on
>> the network it works fine!
>>
>> I' ve run out of ideias,
>>
>> thanks
>>
>
>

Ok, sorry, I though you were wanting RDP/TS.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

"Nuno Gomex" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks,
>
> but i really need to access the server, not to RDP but the mysql service,
> the RDP is an example and a way to test that it isn't the mysql server
> that's gone wrong.
>
>
> "Phillip Windell" <@.> escreveu na mensagem
> news:(E-Mail Removed)...
>> Forget connecting like that anyway. That is reallty bad to expose TS
>> (RDP) to the Internet anyway. Use VPN then do your work inside the VPN
>> Tunnel. Some Devices (like ISA Server) can even control what machine can
>> be accessed by a particular VPN user after they connect and what
>> protocols they can use when they do it.
>>
>>
>> --
>> Phillip Windell [MCP, MVP, CCNA]
>> www.wandtv.com
>> -----------------------------------------------------
>> Understanding the ISA 2004 Access Rule Processing
>> http://www.isaserver.org/articles/IS...cessRules.html
>>
>> Troubleshooting Client Authentication on Access Rules in ISA Server 2004
>> http://download.microsoft.com/downlo...7/ts_rules.doc
>>
>> Microsoft Internet Security & Acceleration Server: Guidance
>> http://www.microsoft.com/isaserver/t...dance/2004.asp
>> http://www.microsoft.com/isaserver/t...dance/2000.asp
>>
>> Microsoft Internet Security & Acceleration Server: Partners
>> http://www.microsoft.com/isaserver/partners/default.asp
>>
>> Deployment Guidelines for ISA Server 2004 Enterprise Edition
>> http://www.microsoft.com/technet/pro...isaserver.mspx
>> -----------------------------------------------------
>>
>>
>>
>>
>> "Nuno Gomex" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>>> Hi!
>>>
>>> I have a w2003 server with AD running with a IIS server in my network,
>>> also I have a alcatel router/proxy/firewall that manages the internet
>>> conenction.
>>>
>>> Every thing works fine, but I can't access the server from outside my
>>> network, Ex: I've routed the port 3389 to point to the server, but I
>>> always get connection time out, however if I point it to another pc on
>>> the network it works fine!
>>>
>>> I' ve run out of ideias,
>>>
>>> thanks
>>>
>>
>>
>
>

You might want to double check the firewall on the 2K3 machine and
make sure that the port in questions (in your example, 3389) is
allowed to both the local subnet and the internet.

--
Jeffrey Randow
(E-Mail Removed)
Windows Networking MVP 2001-2006

http://www.networkblog.net

..On Thu, 28 Sep 2006 16:33:30 +0100, "Nuno Gomex"
<(E-Mail Removed)> wrote:

>Hi!
>
>I have a w2003 server with AD running with a IIS server in my network, also
>I have a alcatel router/proxy/firewall that manages the internet
>conenction.
>
>Every thing works fine, but I can't access the server from outside my
>network, Ex: I've routed the port 3389 to point to the server, but I always
>get connection time out, however if I point it to another pc on the network
>it works fine!
>
>I' ve run out of ideias,
>
>thanks
>

Thanks

My windows firewall is disabled, the stange thing is that I set up another
dc and it works fine !


"Jeffrey Randow" <(E-Mail Removed)> escreveu na mensagem
news:(E-Mail Removed)...
> You might want to double check the firewall on the 2K3 machine and
> make sure that the port in questions (in your example, 3389) is
> allowed to both the local subnet and the internet.
>
> --
> Jeffrey Randow
> (E-Mail Removed)
> Windows Networking MVP 2001-2006
>
> http://www.networkblog.net
>
> .On Thu, 28 Sep 2006 16:33:30 +0100, "Nuno Gomex"
> <(E-Mail Removed)> wrote:
>
>>Hi!
>>
>>I have a w2003 server with AD running with a IIS server in my network,
>>also
>>I have a alcatel router/proxy/firewall that manages the internet
>>conenction.
>>
>>Every thing works fine, but I can't access the server from outside my
>>network, Ex: I've routed the port 3389 to point to the server, but I
>>always
>>get connection time out, however if I point it to another pc on the
>>network
>>it works fine!
>>
>>I' ve run out of ideias,
>>
>>thanks
>>

Glad you got it figured out...

--
Jeffrey Randow
(E-Mail Removed)
Windows Networking MVP 2001-2006

http://www.networkblog.net

..On Mon, 2 Oct 2006 20:17:30 +0100, "Nuno Gomex"
<(E-Mail Removed)> wrote:

>Thanks
>
>My windows firewall is disabled, the stange thing is that I set up another
>dc and it works fine !
>
>
>"Jeffrey Randow" <(E-Mail Removed)> escreveu na mensagem
>news:(E-Mail Removed).. .
>> You might want to double check the firewall on the 2K3 machine and
>> make sure that the port in questions (in your example, 3389) is
>> allowed to both the local subnet and the internet.
>>
>> --
>> Jeffrey Randow
>> (E-Mail Removed)
>> Windows Networking MVP 2001-2006
>>
>> http://www.networkblog.net
>>
>> .On Thu, 28 Sep 2006 16:33:30 +0100, "Nuno Gomex"
>> <(E-Mail Removed)> wrote:
>>
>>>Hi!
>>>
>>>I have a w2003 server with AD running with a IIS server in my network,
>>>also
>>>I have a alcatel router/proxy/firewall that manages the internet
>>>conenction.
>>>
>>>Every thing works fine, but I can't access the server from outside my
>>>network, Ex: I've routed the port 3389 to point to the server, but I
>>>always
>>>get connection time out, however if I point it to another pc on the
>>>network
>>>it works fine!
>>>
>>>I' ve run out of ideias,
>>>
>>>thanks
>>>
>