RDP issues

#1
Hello,

One of my clients has several servers which all but one have RDP access.

The site in question has six servers, one of which RDP is not working.

Below are the screenshots of the Firewall OFF, RDP port & RDP/RPC services

For troubleshooting purposes the Firewall is OFF

[RDP/RPC services]
http://1drv.ms/1AAhXcF

[RDP Default port]
http://1drv.ms/1AAiiMp

[Firewall config]
http://1drv.ms/1AAixal

[System properties / Remote]
http://1drv.ms/1Ks3MJA

There are no hardware firewalls on our site, I do not have access to network routers/switches only servers.

Other servers on the same site and subnet however we can RDP to these servers just fine.

When trying to connect to the server I get this error:
Accessing with [Servername.domain] & Ip address.

http://1drv.ms/1AAjMGx

Relevent information:
Windows Server 2003 Enterprise Edition
Currently accessing remotely with Radmin [been asked by the client to remove this as soon as RDP works]
I am Domain admin but do not have physical access to routers/switches or server.
DRAC is installed and working.
Computer management works so RPC server is running OK.
 


Last edited:

Trouble

Noob Whisperer
#2
Have you managed to test this RDP connection from another network node on the same Local Area Network (server or workstation) to confirm that Remote Desktop works properly before trying it across routed network?
 


#3
Yes it's been tested and it has the same issue, both from servers/workstations on the same Domain and the same physical Local network.
 


Trouble

Noob Whisperer
#4
Can you otherwise interact with the server?
Ping it by IP and NetBIOS name?
Access shares (files, folders, printers, etc.)?
What security suite do you have installed on that particular server?
Could you please check the registry of the server here
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\
Port Number
And confirm that it is 3389 as you expect or if it has been changed intentionally or unintentionally.
 


Last edited:
#5
The server pings from my laptop over the Client VPN and from other servers on the domain + LAN
Pings via IP and NetBIOS name.
Shares can be accessed perfectly.
McAfee VirusScan Enterprise + AntiSpyware Enterprise
Version number: 8.8.0 (8.8.0.1247)
And as one of the links show the port is set to the default 3389, I then changed this to 5555 and rebooted the server it made no difference. I've scanned the ports and nothing else is using 3389 or 5555.
RPC server is running just fine, so anything like computer management works.
 


ussnorway

Windows Forum Team
Staff member
Premium Supporter
#6
Also check the update statis... a 2003 server could have missed a network upgrade patch or if it is a new install then the patch could be in progress and that would block you untill the next server reboot.
 


#7
These servers have been running since when Windows server 2003 was new! We're currently implementing a new backup solution which will require Windows server 2008 r2 but until we rebuild the server we need this one's RDP working asap.

Server is up to date with current windows server patches and is on SP2

It's actually two servers out of the lot that have this problem, both has this issue before we took over support & both use Radmin to access the server. Both servers are in different physcial locations with about 150miles between them but exist on the same domain.
So I'm ruling out hardware.
 


ussnorway

Windows Forum Team
Staff member
Premium Supporter
#8
1. Off topic; up-dating an out dated server into another outdated server is bad practice… you will just replace one set of problems with a new set. I’d upgrade the systems to server 12r2 and take advantage of all the fixes | improvements which networking has discovered over the last decade.

2. As you didn’t set this network up, I’d suspect some kind of network filtering at this point.
 


#9
Out of my control, this is a client with over 40,000 servers and all legacy are being upgraded to Server 2008 R2 and that's just the way it is.

Not to mention the legacy applications that are being run from this site in particular, it was hard enough to get them working on 2003!

Your probably right, I'll have to get probing - I'll probably post back if I come across anything I can actually share that I can't quiet get my head around.
 


Trouble

Noob Whisperer
#10
Check the Group Policy Editor, Local Policy and in the case of a Domain Controller, Domain Controller Policy. See if anyone has mucked about with that.
AND
I am not a big fan of McAfee's anything and when I start having seemingly unexplainable network issues I always suspect the Security Suite. Generally I'll uninstall, get things up and running and then reinstall.
If all the "Servers" are running this then you might look into how they are configured as to what they do and do not trust.
 


Last edited:
#11
Check the Group Policy Editor, Local Policy and in the case of a Domain Controller, Domain Controller Policy. See if anyone has mucked about with that.
AND
I am not a big fan of McAfee's anything and when I start having seemingly unexplainable network issues I always suspect the Security Suite. Generally I'll uninstall, get things up and running and then reinstall.
If all the "Servers" are running this then you might look into how they are configured as to what they do and do not trust.
Really good suggestions here, I didn't think to take a look into Group Policy specially as one of the two servers in questions is the PDC.

Now I can't just uninstall the security suite without security approval - I'll try and obtain this if I everything else fails.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.