Need help with Remote Desktop Conenction

[MR]

I am able to create a VPN connection from home to my network at work.
However, I am not able to create a Remote Desktop Connection (RDC) to my
computer at work even though I am on the VPN. My home computer is part of my
home domain. If I try to create the RDC from home with another computer that
is not part of the domain, I am able to create an RDC. If I try to create an
RDC with my notebook (that is also part of my domain) when I try to connect
from somewhere else, like a hotel, I am also able to create an RDC.
I get the same results with computers that are XP or Vista.
At home I am using ISA Server as my firewall. the domain controller is W2K3
Enterprise.
I am not sure if the problem is with the configuration of ISA Server, a
group policy or some other setting.
Is there a setting or other configuration that I need to change to get this
to work?
thanks for you help
m

 

[Meinolf Weber]

Hello MR,

What error message do you get? What OS is the machine at work? Is there a
firewall that blocks port 3389, did youb talk to your system administrators
from work?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

[MR]

Thank you for your reply
1) when I use Remote Desktop Connection I get: "This computer can't connect
with the remote computer"
when I use VNC, I get an error: unable to connect to host: Connection timed
out (10060)
2) at work the machine is XP.
3) as I said I can connect with my computer from outside the domain or with
a non-domain computer from within my home domain/firewall.
4) I also allowed the inbound and outbound RDP (Terminal Service) which is
port 3389 for all users and all internal computers to the external network
on the ISA Server
5) I spoke to the work sysadmin, and he has no suggestions since it does
work except in the conditions i have described.

 

[Florian Frommherz [MVP]]

MR,

Thank you for your reply
1) when I use Remote Desktop Connection I get: "This computer can't
connect with the remote computer"
when I use VNC, I get an error: unable to connect to host: Connection
timed out (10060)
2) at work the machine is XP.
3) as I said I can connect with my computer from outside the domain or
with a non-domain computer from within my home domain/firewall.
4) I also allowed the inbound and outbound RDP (Terminal Service) which
is port 3389 for all users and all internal computers to the external
network on the ISA Server
5) I spoke to the work sysadmin, and he has no suggestions since it does
work except in the conditions i have described.

Check ISA live logging while trying to connect to the machine from home.
My guess is the problem is ISA and it just doesn't allow such
connections. As it works from elsewhere, I doubt Group Policy is the
cause - nor may it be any other security setting in Vista I knew of
(well, you never know). My best bet is ISA configuration.

cheers,

Florian

 

[MR]

this is the log.
i don't see anything, aside fom the PING between the Initiate Conenction and
c Close connection.
does this indicate where the problem is?

Source Port Dest IP Dest Port Protocol
Action Source Net Destination Net Result Code
3178 192.168.10.8 3389 RDP (Terminal Services)
Initiated Connection Internal External 0x0
ERROR_SUCCESS
0 213.8.59.250 0 PPTP Closed
Connection PPTP Internal External
0x80074e24 FWX_E_CONNECTION_KILLED
3178 192.168.10.8 3389 RDP (Terminal Services)
Closed Connection Internal External 0xc0040038
FWX_E_TCP_NO_SERVER_REPLY

MR,

Thank you for your reply
1) when I use Remote Desktop Connection I get: "This computer can't
connect with the remote computer"
when I use VNC, I get an error: unable to connect to host: Connection
timed out (10060)
2) at work the machine is XP.
3) as I said I can connect with my computer from outside the domain or
with a non-domain computer from within my home domain/firewall.
4) I also allowed the inbound and outbound RDP (Terminal Service) which
is port 3389 for all users and all internal computers to the external
network on the ISA Server
5) I spoke to the work sysadmin, and he has no suggestions since it does
work except in the conditions i have described.

Check ISA live logging while trying to connect to the machine from home.
My guess is the problem is ISA and it just doesn't allow such connections.
As it works from elsewhere, I doubt Group Policy is the cause - nor may it
be any other security setting in Vista I knew of (well, you never know).
My best bet is ISA configuration.

cheers,

Florian
--
Microsoft MVP - Group Policy
eMail: prename [at] frickelsoft [dot] net.
blog: http://www.frickelsoft.net/blog.
Maillist (german): http://frickelsoft.net/cms/index.php?page=mailingliste