Need some help with Remote Desktop

Discussion in 'Windows 8 Help and Support' started by ckoh, Oct 7, 2014.

  1. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    I'm having some trouble setting up Remote Desktop to connect to my office PC's from outside our office network. If someone with a little more expertise can chime in on the subject it would be awesome.

    Our setup:

    We have a ASUS 1900 router which is assigned a static IP we were assigned from Charter. The router has DHCP turned off so that our Windows Server 2012 R2 PC with DHCP enabled can dynamically assign IP's (private subnet IP's of 10.1.10.x) to all the work stations.

    Setting up Remote Desktop:

    1. Enabled remote desktop on all work stations.
    2. Check firewall
    3. Change the listener port so that no two stations have the same port
    4. note the IPv4 (10.1.10.x)
    5. Set up port forwarding on the router to allow connections to destination IP of the IPv4, and destination port as the listener port.
    When I try to use Remote Desktop from within the network I just use the private subnet IP that was assigned by the server. So, 10.1.10.x and it works fine to get in to each work station.

    When I try to use Remote Desktop from a different network, I used the private subnet IP that was assigned by the server and the listener port. So, 10.1.10.x:ListnerPort. But its not working, where am I going wrong?
     
  2. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Whenever you change the listening port for RDP from 3389 you have to configure a new windows firewall rule on the machine where you changed it for RDP because it defaults to 3389 and I don't believe it is editable so you add a new one to include you new port.
    Just call your new inbound rules RDP (you'll probably need two, one for TCP and a second for UDP) and use the two existing "Remote Desktop" inbound rules as examples for configuration. Just make sure that you use the new listening port in your configuration.

    EDIT: And then of course in your connection you'll have to use :8888 (port number) in mstsc.exe for your connection to work
    ie: YourExternalStaticIPAdress:8888
     
  3. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0

    Would the external static IP address be the static IP provided by Charter that was assigned to the router?
     
  4. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Yes.... typically when you remote into a remote desktop host on an internal (privately addressed) non-public facing network, from a remote desktop client that is not part of the same private network, you have to hit the outside edge, where you've configured your pinhole (port forwarding) to send things along to the internal (LAN side) network, and then to a specific host based on the listening port.
    You can use a FQDN if your provider has one associated with that IP or some people use Dynamic DNS services like DynDNS.org which can be helpful if that IP is subject to change but it your case not necessary.
     
  5. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    I'm screwing up somewhere, but not sure where. I even tried turning off the firewall entirely, and while on the same network on both PC's using the pc's private subnet IP of 10.1.10.x, and its not connecting. I have both computers set to allow remote connections, and firewalls off for the mean time.
     
  6. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    It's not connecting at all?
    Or are you getting an error when attempting to authenticate.
    And make sure when you enter the IP address in mstsc.exe you follow that with a
    :8888
    or whatever new listening port you've configured in the registry on the computer you are trying to connect to.
    So it looks like
    10.1.10.222:8888
     
  7. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    And are you certain that you haven't configured a port for listening that is otherwise engaged on either or both machines. There are ports that are reserved which you need to avoid.
    I generally use 8886, 8887, 8888, 8889. They seem to just work and haven't caused me any issues to date.
     
  8. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    It looks like its attempting to connect for a few seconds then gives me the:

    Remote Desktop can't connect to the remote computer for one of these reasons:
    1) Remote access to the server is not enabled
    2) The remote computer is turned off
    3) The remote computer is not available on the network

    Make sure the remote computer is turned on and connected to the network, and that remote access is enabled.

    I have been using 3390-4000~ish port wise, i'll try changing to one of the 8886-8889's and see what happens. Is there a feature on the Windows Server 2012 R2 that I need to set up?


    Edit: changed the port on the destination PC to 8888, and tried connecting from a different network. Gave me the same error. I'm using the static IP address I set on the router in the WAN IP settings.
     
    #8 ckoh, Oct 8, 2014
    Last edited: Oct 8, 2014
  9. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Not sure.... let me fire mine up and test.
    You may want to first get this working with default settings on the internal network first as everything should be provided for in advance by the operating system and Windows with configure the firewall rules for you with everything set to 3389.
    After you confirm that it is working as expected with default settings on the internal network, then advance one step at a time.
    Change the listening port and see what happens, making sure you include the colon and the new port number in your connection (10.1.10.222:8886 ).
    If the problem starts there then it's the firewall that you'll need to fix.
    Once that is up and running you can test it from an external network, hitting the outside edge IP address including the listening port and see if your NAT pinhole passes it through as expected.
     
  10. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    Crawl before we run, got it. Good idea, so I changed the listener port on the destination PC back to 3389, left the fire walls off, and put both PCs back on the same network. And I'm still getting the same connection issues, both PCs still have the allow remote connections settings on. I have set up a remote desktop from the same network before, the only difference I can think of was that before the router was assigning IP's, since we didn't have the Windows Server then.
     
  11. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Did you reboot the machines after changing the registry entry?
     
  12. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    No.... oh god....
     
  13. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    That particular registry edit requires a reboot to take effect.
    Is one of the machines you're trying to connect to a 2012 R2 Server and if so is it a Domain Controller?
     
  14. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0

    Well resetting the computer allowed the connection to the PC on the same network to work fine. Damn... okay, i'm going to change the settings again and reboot this time... see how it works out.
     
  15. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    So it, worked when I changed all the information back to default and rebooted. Then when I changed the listener to 8888 and rebooted I tried to connect with the 10.1.10.x:8888 and it didn't work. So its a fire wall issue? I have both fire walls turned off though.
     
  16. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0

    Actually , I Don't know what I typo'd but I tried it again. and now on the same network i'm getting in fine using the 10.1.10.x:8888
     
  17. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    OK, so now turn the firewalls back on.
     
  18. ckoh

    ckoh New Member

    Joined:
    Oct 7, 2014
    Messages:
    10
    Likes Received:
    0
    After messing with it some more, its up and running!

    Thanks a lot for all your help Trouble.

    Also one more thing, I have been looking at this list of ports would it be safe to assume that if the ports are not listed they are unused?
     
  19. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Good to hear and glad you have managed to resolve your problem.
    I would think so and I believe that, that is the list I used to use. I see my old favorites have been claimed since I last looked (been awhile).
     

Share This Page

Loading...