Remote Desktop Connection to SBS 2003 with ISA 2004

[Chas123]

Hello: Until a week ago, RDC was working properly, connecting to SBS 2003
R2
server desktop. It has now stopped working. I get the Remote Desktop
Disconnected dialog,
saying "This Computer can't connect to the remote computer. Try connecting
again ... etc."

I can see the connection attempts in the ISA 2004 Standard Edition
Monitoring>Logging window. The connect/disconnect info is as follows:

Initiated Connection TESTSBS
1/28/2009 5:18:48 PM
Log type: Firewall service
Status: The operation completed successfully.
Rule: Allow remote management from selected computers using Terminal Server
Source: External ( XX.XX.170.146:2439)
Destination: Local Host ( XX.XX.174.78:3389)
Protocol: RDP (Terminal Services)
User:
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: XX.XX.170.146
Client agent:


Closed Connection TESTSBS 1/28/2009
5:18:48 PM
Log type: Firewall service
Status: A connection was abortively closed after one of the peers sent a RST
segment.
Rule: Allow remote management from selected computers using Terminal Server
Source: External ( XX.XX.170.146:2439)
Destination: Local Host ( XX.XX.174.78:3389)
Protocol: RDP (Terminal Services)
User:
Additional information
Number of bytes sent: 215 Number of bytes received: 187
Processing time: 0ms Original Client IP: XX.XX.170.146
Client agent:


Using Remote Web Workplace, I can connect to the desktop of any client of
SBS 2003, but not the server desktop. If anyone can point me to an
exhaustive checklist
to follow in solving this challenge, it would be appreciated.

 

[David Shen [MSFT]]

Dear Customer,

Thank you for posting in newsgroup.

According to the research, here is a checklist just for your reference.

Checklist:
==================

1. Please check the TCP port 3389 is not blocked by any firewall between
the problematic client and the SBS serve. You may telnet to internal IP of
the SBS server from the problematic client to see if the TCP port 3389 can
be connected.

Telnet IPaddressofSBS 3389

2. Please check if the TCP port 3389 is in the status of LISTENING on the
SBS server.

Netstat -nao

3. Please find another client and logon it with the same credential to see
if you can terminal to the SBS server via RDC.

4. if the issue still exist on the other client, please check that the
registry keys are configured with following on the SBS server.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Disabl
eTaskOffload and set it to 1.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Enable
RSS and set it to 0.

5. Please install the utility "devcon" on the problematic windows XP client
from

http://support.microsoft.com/default.aspx?scid=kb;en-us;311272

6. After unzipping the file, reinstalled the Terminal Server Device
Redirector by executing the following command from the CMD Prompt:

devcon -r install %windir%\inf\machine.inf root\rdpdr

7. Please reboot both the SBS server and the problematic client to test if
the issue still exists.

Please tell me the result and hope it helps.

David Shen
Microsoft Online Technical Support

 

[Administrator]

Thank you for the reply.

1. Telnet was unable to connect on port 3389. ISA Server showed an
Initiated Connection and then an immediate Closed Connection. Perhaps I
should have been clearer about the fact I am trying to connect with RDC from
a WinXP Pro computer at home to our SBS Server at the office. Also, I can
VPN into the
server from home.


2. Here is part of the netstat output:

TCP 192.168.16.2:3268 192.168.16.2:4997 ESTABLISHED 404
TCP 192.168.16.2:3268 192.168.16.2:5016 ESTABLISHED 404
TCP 192.168.16.2:3268 192.168.16.2:5019 ESTABLISHED 404
TCP 192.168.16.2:3268 192.168.16.2:5026 ESTABLISHED 404
TCP 192.168.16.2:3389 0.0.0.0:0 LISTENING 3132
TCP 192.168.16.2:4997 192.168.16.2:3268 ESTABLISHED 1716
TCP 192.168.16.2:4998 192.168.16.2:389 ESTABLISHED 1716
TCP 192.168.16.2:5000 192.168.16.2:389 ESTABLISHED 4056

3. Tried connecting using another client (from home) over the Internet and
cannot connect
with telnet or RDC.

4. Registry Keys: both keys were already configured as you suggest.

5. Installed and ran Devcon on the Client (computer at home) and no joy.
Running Devcon made the XP
machine reboot on its own. Still cannot connect with Telnet or RDC, same
error messages. Rebooted the
server also.

I do appreciate your assistance. I am wondering if a re-install of ISA 2004
might be in order.

Charlie

 

[David Shen [MSFT]]

Hi Charlie,

Thanks for the reply.

Based on the result of "netstat", it seems that the TCP port 3389 is
listening on the SBS server. If possible, please find another client within
the corporate network to see if you can terminal to the SBS server via RDP
in the internal network, not connect to the network via VPN. If you can RDP
to the SBS server in the corporate network with success, I guess the root
cause of the issue is related to the setting on ISA server. Since there
might be several configuration on the ISA server, I do not recommend you
re-install it in this case.

Since it might be related to ISA server, I would like to suggest that you
initial a new thread in the ISA newsgroup.

Discussions in microsoft.public.isa
http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=m
icrosoft.public.isa&cat=en_us_c012e8b0-ad29-45b6-850b-3f5c42a32a58&lang=en&c
r=us

Meanwhile, please also consider posting it in the SBS newsgroup.

Discussions in microsoft.public.windows.server.sbs
http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=m
icrosoft.public.windows.server.sbs

Hope the issue will be resolved soon.

David Shen
Microsoft Online Technical Support

 

[Chas]

Hello:

I eventually solved this problem when I tried a different video graphics
card in the server I was trying to access, everything worked fine. I had a
Nvidia 5700GT PCI-E card in the server (with uptodate drivers, as
recommended elsewhere) and switched it with an old PCI card and the RDC
worked fine. I re-installed the Nvidia PCI-E, rolled it back to basic VGA
drivers and that worked fine also. Go figure.

Chas

 

[David Shen [MSFT]]

Hello Chas,

Thanks for the reply and the solution sharing.

I am glad that the issue is resolved by the corresponding solution. If you
have any other question, please welcome to our newsgroup again.

David Shen
Microsoft Online Technical Support