Unable to Get Remote Desktop Rules to Work

I have been pulling my hair out for a week trying to get my CEO's Remote Desktop to connect at all, with no success.

Our practice has been to use a port other than 3389. For example, I change the listening port to 3410 on the CEO's machine, and set up his outside-the-business computer to enter the network from the outside gateway address + port: 66.72.x.xx:3410. The port is forwarded from the firewall to the IP and port of the CEO's computer.

It was working fine until a few weeks ago. Now it won't connect at all. I have gone through many attempts without getting anything through at all. I have checked the firewall log and I see plenty going out, but nothing coming in. I have done firewall rules before, but I must be missing something fundamental. I have looked at many examples of port forwarding and tried some variations, but nothing seems to work.

If I don't get this working I am going to hear something quite unpleasant from the man directed at me. Can anyone help me get this done?



  • Hi,

    The usual failure is the service setup is wrong. RDP 1:65535 to 3389.

    Please check that you haven't inadvertently changed the RDP service configuration.

    Ian

  • We are not using port 3389 for RDP. Instead I assigned a port to each RDP user and forward the port to an IP on the network where the listening port matches the port assigned to the user. This worked fine when we had a Check Point firewall. Our install person set up a service for each port. I have used the same scheme. I discovered that only 1 user (of about 15 users) could get to their workstation from outside except 1; a machine running XP (running some essential obsolete software and NO Sophos). None of the other access ports with Sophos installed are working.

    I am going to attach some screenshots I have taken from a test setup:

    Business application rule screen 1:

    Business application rule screen 2:

    System host gateway 66.72.5.8

    IP Host Client: 

    Service for port forwarding:

    All RDP users follow the same theme. I set up a host and a service from scratch for each port\user as I saw someone recommend.

    I am stumped. I will be in some trouble if I don't solve this soon. HELP!!

  • Hi,

    What log entries do you see that match the incoming traffic? Also, can you log in to the server from within your LAN using each of the individual assigned ports?

    Ian

  • Hi Ian,

    My test setup was exactly the same as the previous screens in my note. I uninstalled Sophos (does it really take all the registry changes?). Then I reinstalled Sophos and tried my test box from my home computer. I went DIRECTLY THROUGH TO THE TEST PC and logged on. The connection was solid, and I logged in and out 3 times to verify it works. Hooray!

     

    I guess I'll go fix the rest of these logins. I do remember someone saying sometimes you just have to start over from scratch. I did and it worked. I appreciate the hand holding as I was feeling defeat coming, but I am definitely feeling much better now: Here is what I got in the firewall log documenting three successful logins:

     

    Thanks again,

    JB
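
Ian's question in the thread, whether each individually assigned port answers from inside the LAN, can be checked with a short script that also confirms the listener actually speaks RDP. This is an added example, not part of the original thread; the user names, the 10.0.0.x addresses and port 3411 are constructed placeholders (only port 3410 appears in the thread).

```python
import socket
import struct

# Constructed per-user assignments (assumption); only port 3410 is from the thread.
ASSIGNMENTS = {"ceo": ("10.0.0.21", 3410), "user2": ("10.0.0.22", 3411)}

def build_probe():
    """TPKT + X.224 Connection Request carrying an RDP Negotiation Request."""
    # type=1, flags=0, length=8, requestedProtocols=TLS|CredSSP (little-endian)
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, 0x00000003)
    # length indicator, CR code 0xE0, dst-ref, src-ref, class 0
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0) + neg_req
    # TPKT: version 3, reserved, total length
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

def check_listener(host, port, timeout=3.0):
    """Classify one forwarded target as seen from inside the LAN."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"        # host answers, nothing listening on that port
    except OSError:
        return "unreachable"    # timeout or no route: host down or filtered
    with sock:
        try:
            sock.sendall(build_probe())
            reply = sock.recv(64)
        except OSError:
            reply = b""
    # An RDP listener answers with TPKT version 3 and X.224 Connection Confirm (0xD0).
    if len(reply) >= 6 and reply[0] == 3 and reply[5] == 0xD0:
        return "rdp"
    return "open-not-rdp"

def audit(assignments, timeout=3.0):
    """Return {user: state} for every assigned host/port pair."""
    return {user: check_listener(host, port, timeout)
            for user, (host, port) in assignments.items()}

if __name__ == "__main__":
    for user, state in audit(ASSIGNMENTS).items():
        host, port = ASSIGNMENTS[user]
        print(f"{user:8} {host}:{port:<6} {state}")
```

A port that reports `rdp` from the LAN but fails from outside points at the firewall's forwarding rule rather than the workstation; `refused` or `open-not-rdp` points at the listening-port setting on the workstation itself.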