Port 3389 blocked? Next Step?


D

Daniel

I am able to connect over the internet to my desktop computer (host)
from my notebook computer (client) using GoToMyPC.com. However I only
have a free trial period of 1 month. I would like to set up Remote
Desktop in a similar fashion. Both computers have Windows XP
Professional with Service Pack 2.

I have followed the steps from
http://www.microsoft.com/resources/...Windows/XP/all/reskit/en-us/pree_rem_iusk.asp
and am not able to connect.

I susspect that the Host computer's ISP is blocking Port 3389.
When I go to www.CanYouSeeMe.org on the Host computer and check Port
3389. I get the following text.
"Error: I could not see your service on xxx.xxx.xxx.xxx on port (3389)
Reason: Connection refused"

How can I get around this problem and use Remote Desktop to connect to
the host?

The ISP for the is a small retail wireless ISP. I'd prefer not to have
to try to convince them to unblock port 3389 for me. Another solution
would be preferable. Ideas?

Daniel
 
Ad

Advertisements

S

Sooner Al [MVP]

Well, you may be out of luck. If the ISP blocks TCP Port 3389 incoming to
your PC the only way to open it is to contact them. Are you sure your not
running any type of software firewall on the host PC that may be blocking
the incoming RDP connection? Is the host PC behind any type of router?

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
D

Daniel

The Host does have Windows Firewall turned on. In Exceptions "Remote
Desktop" is checked. I have verified that "Terminal Services" status is
"Started". See
---------------------
"Verify that Terminal Services is running on the XP Pro desktop

The user can verify if the Terminal Services is running on the desktop
PC by executing the services.msc command from the Windows XP Start | Run
command window. The server status should be Started"
-------------------
Also, on the host at a command prompt I ran a "netstat -a" and I do show
this message "TCP computerhost:3389 computerhost:0 LISTENING" which I
take as the computer is listening to Port 3389.

I think these point to the ISP blocking Port 3389.
#1) does my use of canyouseeme.org verify that that is the case?
#2) can I just change Remote Desktop to use another Port instead of 3389?

Daniel
 
S

Sooner Al [MVP]

Your right that the Canyouseeme test certainly points to that, ie. your ISP
is blocking the port. You can try another port...

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q306759

I would still contact the ISP to see if they will unblock that port however,
There really is no need to do that, IMO..

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
Ad

Advertisements

K

Keith

Chaps

I hope I can help. The efforts you are all taking to get around the
firewall security are not necessary. I use remote desktop to access my
client's machines from my office - exactly what you are trying to
achieve. Gotomypc is a fair product but is lacking. Take a look at
www.pmgconnect.co.uk. This product enables you to use remote desktop
over the internet. It is cheep as chips and quick. I am a developer and
sometimes work remotely for 10hours straight, gotomy pc is tiresome for
this but pmgconnect is as good as being there. Sorry if this sounds
like a plug - it isn't I just think pmgconnect rocks.
 
D

Daniel

The ISP sent me the following message:
"Because our system works behind a NAT those type programs will not
work. We apoligize for the inconvinence. OMUOnline Tech Support
http://www.omuonline.net/
"

My network knowledge is lacking. I know next to nothing about Network
Address Translation. Is there anyway to configure Remote Desktop to work
with NAT?

Daniel
 
S

Sooner Al [MVP]

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If they
won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
P

Peter

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If
they
won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

Or customize RDC to use a different TCP Port number:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d
Forward that port in your router NAT config.
Connect using WWW.XXX.YYY.ZZZ:3389

Substitute "00000d3d" and 3389 with another port, which is NOT blocked by
your ISP.
 
G

Guest

bah..............................just google "change the listening port for
RDC" 3389
Or search your registry for 3389 and change it to 3390. No bigie. Who needs
vpn routers, just change the listening port to all your insdire computers you
want to connect to.
Zimple
SP

Peter said:
Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If they
won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

Or customize RDC to use a different TCP Port number:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d
Forward that port in your router NAT config.
Connect using WWW.XXX.YYY.ZZZ:3389

Substitute "00000d3d" and 3389 with another port, which is NOT blocked by
your ISP.
 
Ad

Advertisements

D

Daniel

OK, I’m looking for OPEN ports on the host computer. The host computer
has Windows XP Pro with SP2 and is using Windows Firewall. I turned off
Windows Firewall and then Using “Shields Up!†at
www.grc.com
I scanned ports 0 through 1055. The ports could be reported as OPEN,
CLOSED or STEALTH. All of these ports were reported as STEALTH. Next, I
scanned ports 3380 through 3440. All of these ports were also reported
as STEALTH.

How can I find an OPEN port so that I can change Remote Desktop from
3389 to an open port?

The host computer can browse the internet, send POP email and use
instant messenger software with no problems. So, obviously, some ports
are open, right? How do I identify them?

Daniel


St!nk said:
bah..............................just google "change the listening port for
RDC" 3389
Or search your registry for 3389 and change it to 3390. No bigie. Who needs
vpn routers, just change the listening port to all your insdire computers you
want to connect to.
Zimple
SP

:

Yes, to work through a NAT you need TCP Port 3389 opened by the ISP. If
they

won't do that then you need to look at an alternative like MyWebExPC for
example.

http://www.mywebexpc.com

Or customize RDC to use a different TCP Port number:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d
Forward that port in your router NAT config.
Connect using WWW.XXX.YYY.ZZZ:3389

Substitute "00000d3d" and 3389 with another port, which is NOT blocked by
your ISP.
 
P

Peter

How can I find an OPEN port so that I can change Remote Desktop from
3389 to an open port?

The host computer can browse the internet, send POP email and use
instant messenger software with no problems. So, obviously, some ports
are open, right? How do I identify them?

What is your setup? What is a network setup on both ends (RDC host and
client)? Any routers on host or client networks? What are IP addresses
(public and private) for both?
 
B

beb

Don't give out your public IP address on this public forum. You can be
assisted without the world knowing what it is.
 
Ad

Advertisements

D

Daniel

Host setup
Windows XP Pro with SP2
firewall: windows firewall (but turned off when trying to connect via RD)
ISP: www.omuonline.net which uses Network Address Translation
no router connected to host

Client Setup
Windows XP Pro with SP2
firewall: zonealarm free firewall
ISP: www.wnetrj.com.br
wireless router used with client

IP addresses: I prefer not to say

Daniel
 
D

Daniel

Do I need to change this Port number in the registry on the Host, Client
or both?

Daniel
 
Ad

Advertisements

P

Peter

Host setup
Windows XP Pro with SP2
firewall: windows firewall (but turned off when trying to connect via RD)
ISP: www.omuonline.net which uses Network Address Translation
no router connected to host

Client Setup
Windows XP Pro with SP2
firewall: zonealarm free firewall
ISP: www.wnetrj.com.br
wireless router used with client

IP addresses: I prefer not to say

O common, can you just mask it slightly?
If you have WWW.XXX.YYY.ZZZ, just say WWW.XXX.YYY.---.
I'm interested in WWW.XXX.YYY portion (and mask) to see if NAT statement
from your ISP is true.
What is the traceroute from your host to, let say, www.dell.com?
Do you have just one NIC in your host?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top