Port 3389 blocked? Next Step?

[Daniel]

I am able to connect over the internet to my desktop computer (host)
from my notebook computer (client) using GoToMyPC.com. However I only
have a free trial period of 1 month. I would like to set up Remote
Desktop in a similar fashion. Both computers have Windows XP
Professional with Service Pack 2.

I have followed the steps from
http://www.microsoft.com/resources/...Windows/XP/all/reskit/en-us/pree_rem_iusk.asp
and am not able to connect.

I susspect that the Host computer's ISP is blocking Port 3389.
When I go to www.CanYouSeeMe.org on the Host computer and check Port
3389. I get the following text.
"Error: I could not see your service on xxx.xxx.xxx.xxx on port (3389)
Reason: Connection refused"

How can I get around this problem and use Remote Desktop to connect to
the host?

The ISP for the is a small retail wireless ISP. I'd prefer not to have
to try to convince them to unblock port 3389 for me. Another solution
would be preferable. Ideas?

Daniel

 

[Sooner Al [MVP]]

Well, you may be out of luck. If the ISP blocks TCP Port 3389 incoming to
your PC the only way to open it is to contact them. Are you sure your not
running any type of software firewall on the host PC that may be blocking
the incoming RDP connection? Is the host PC behind any type of router?

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

 

[Daniel]

The Host does have Windows Firewall turned on. In Exceptions "Remote
Desktop" is checked. I have verified that "Terminal Services" status is
"Started". See
---------------------
"Verify that Terminal Services is running on the XP Pro desktop

The user can verify if the Terminal Services is running on the desktop
PC by executing the services.msc command from the Windows XP Start | Run
command window. The server status should be Started"
-------------------
Also, on the host at a command prompt I ran a "netstat -a" and I do show
this message "TCP computerhost:3389 computerhost:0 LISTENING" which I
take as the computer is listening to Port 3389.

I think these point to the ISP blocking Port 3389.
#1) does my use of canyouseeme.org verify that that is the case?
#2) can I just change Remote Desktop to use another Port instead of 3389?

Daniel

 

[Sooner Al [MVP]]

Your right that the Canyouseeme test certainly points to that, ie. your ISP
is blocking the port. You can try another port...

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q306759

I would still contact the ISP to see if they will unblock that port however,
There really is no need to do that, IMO..

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

 

[Guest]

Sorry to just jump in, but I am having a similar problem. Can you elaborate

 

[Sooner Al]

Sorry to just jump in, but I am having a similar problem. Can you elaborate on the
router issue since both pcs are using routers to connect to 2 different networks and
cable modems?

See this page for help troubleshooting...

http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.
html

Its best to start a new thread for a new problem...Thanks...

 

[Keith]

Chaps

I hope I can help. The efforts you are all taking to get around the
firewall security are not necessary. I use remote desktop to access my
client's machines from my office - exactly what you are trying to
achieve. Gotomypc is a fair product but is lacking. Take a look at
www.pmgconnect.co.uk. This product enables you to use remote desktop
over the internet. It is cheep as chips and quick. I am a developer and
sometimes work remotely for 10hours straight, gotomy pc is tiresome for
this but pmgconnect is as good as being there. Sorry if this sounds
like a plug - it isn't I just think pmgconnect rocks.

 

[Daniel]

The ISP sent me the following message:
"Because our system works behind a NAT those type programs will not
work. We apoligize for the inconvinence. OMUOnline Tech Support
http://www.omuonline.net/
"

My network knowledge is lacking. I know next to nothing about Network
Address Translation. Is there anyway to configure Remote Desktop to work
with NAT?

Daniel

 

[Sooner Al [MVP]]

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If they
won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

 

[Peter]

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If
they

won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

Or customize RDC to use a different TCP Port number:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d
Forward that port in your router NAT config.
Connect using WWW.XXX.YYY.ZZZ:3389

Substitute "00000d3d" and 3389 with another port, which is NOT blocked by
your ISP.

 

[Guest]

bah..............................just google "change the listening port for
RDC" 3389
Or search your registry for 3389 and change it to 3390. No bigie. Who needs
vpn routers, just change the listening port to all your insdire computers you
want to connect to.
Zimple
SP

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If they
won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

Or customize RDC to use a different TCP Port number:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d
Forward that port in your router NAT config.
Connect using WWW.XXX.YYY.ZZZ:3389

Substitute "00000d3d" and 3389 with another port, which is NOT blocked by
your ISP.

 

[Daniel]

OK, I’m looking for OPEN ports on the host computer. The host computer
has Windows XP Pro with SP2 and is using Windows Firewall. I turned off
Windows Firewall and then Using “Shields Up!†at
www.grc.com
I scanned ports 0 through 1055. The ports could be reported as OPEN,
CLOSED or STEALTH. All of these ports were reported as STEALTH. Next, I
scanned ports 3380 through 3440. All of these ports were also reported
as STEALTH.

How can I find an OPEN port so that I can change Remote Desktop from
3389 to an open port?

The host computer can browse the internet, send POP email and use
instant messenger software with no problems. So, obviously, some ports
are open, right? How do I identify them?

Daniel

bah..............................just google "change the listening port for
RDC" 3389
Or search your registry for 3389 and change it to 3390. No bigie. Who needs
vpn routers, just change the listening port to all your insdire computers you
want to connect to.
Zimple
SP

:

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If
they

won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

Or customize RDC to use a different TCP Port number:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d
Forward that port in your router NAT config.
Connect using WWW.XXX.YYY.ZZZ:3389

Substitute "00000d3d" and 3389 with another port, which is NOT blocked by
your ISP.

 

[Peter]

How can I find an OPEN port so that I can change Remote Desktop from

3389 to an open port?

The host computer can browse the internet, send POP email and use
instant messenger software with no problems. So, obviously, some ports
are open, right? How do I identify them?

What is your setup? What is a network setup on both ends (RDC host and
client)? Any routers on host or client networks? What are IP addresses
(public and private) for both?

 

[beb]

Don't give out your public IP address on this public forum. You can be
assisted without the world knowing what it is.

 

[Peter]

Don't give out your public IP address on this public forum. You can be

assisted without the world knowing what it is.

Why not? Do you run SSLExplorer beb?

 

[beb]

No. Why?

Why not? Do you run SSLExplorer beb?

 

[Peter]

No. Why?

I was just curious about your answer.

 

[Daniel]

Host setup
Windows XP Pro with SP2
firewall: windows firewall (but turned off when trying to connect via RD)
ISP: www.omuonline.net which uses Network Address Translation
no router connected to host

Client Setup
Windows XP Pro with SP2
firewall: zonealarm free firewall
ISP: www.wnetrj.com.br
wireless router used with client

IP addresses: I prefer not to say

Daniel

 

[Daniel]

Do I need to change this Port number in the registry on the Host, Client
or both?

Daniel

 

[Peter]

Host setup

Windows XP Pro with SP2
firewall: windows firewall (but turned off when trying to connect via RD)
ISP: www.omuonline.net which uses Network Address Translation
no router connected to host

Client Setup
Windows XP Pro with SP2
firewall: zonealarm free firewall
ISP: www.wnetrj.com.br
wireless router used with client

IP addresses: I prefer not to say

O common, can you just mask it slightly?
If you have WWW.XXX.YYY.ZZZ, just say WWW.XXX.YYY.---.
I'm interested in WWW.XXX.YYY portion (and mask) to see if NAT statement
from your ISP is true.
What is the traceroute from your host to, let say, www.dell.com?
Do you have just one NIC in your host?