
RDP and Windows Server 2012 is giving me nightmares


Posted · Original PosterOP

Hey all,

 

I've been combing Google and various forums for a few days now and nothing has worked. Hopefully you guys can help me out.

 

I'm repurposing a Dell PowerEdge T130 on Windows Server 2012 R2 from my work, and I cannot connect to the machine to save my life. I've currently enabled/disabled everything I can think of right now just for the purposes of testing:

 

  • Windows Firewall is turned off (domain, private, public)
  • 3389 Port forwarded on the router and in the firewall inbound rules (even though it's now turned off)
  • Put the IP address of the server in DMZ on the router
  • Checked various registry settings as per recommended solutions related to this problem
  • Turned off network authentication for users

 

As far as I'm aware, this thing should be wide open and I cannot connect to it. For one thing, netstat -an still doesn't list 3389 as a listened port. On another machine in my network, trying to RDP into it gives a generic error as if I typed in a non-existent device:

Quote

 

Remote Desktop can't connect to the remote computer for one of these reasons:

1. Remote access to the server is not enabled
2. The remote computer is turned off
3. The remote computer is not available on the network

Make sure the remote computer is turned on and connected to the network, and that remote access is enabled.

 

 

The thing is, I can ping the device no problem from this other computer. It shows up in the router and I can ping there no problem. It just refuses to connect via RDP and I have no idea why!

 

EDIT: Also I have a feeling I'm missing something painfully obvious. So hopefully another set of eyes will see that and tell me what's wrong.

 

SOLUTION: Thanks to everyone here for the troubleshooting. Turns out the default RDP port was changed in the registry so all of the normal inbound rules and solutions were ineffective. The registry key changed was HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\ then double-click on subkey: PortNumber and change from HEX to Decimal. There's your port number that everything else needs to sync to.

Link to post
Share on other sites

Trying to connect from LAN or from a VPN from outside the home?


QUOTE ME IN A REPLY SO I CAN SEE THE NOTIFICATION!

When there is no danger of failure there is no pleasure in success.

Link to post
Share on other sites

Did you use an Online Port Checker to verify the port(s) you forwarded is open?

 

It isn't always the router at fault. The server behind the router has to respond for the port(s) to report as open.

 

If all else fails, consider using Teamviewer or AnyDesk; neither requires you to forward any ports.


Guides & Tutorials:

How To: Access Remote Systems at Home/Work Securely from Anywhere with Pritunl

How to Format Storage Devices in Windows 10

A How-To: Drive Sharing in Windows 10

VFIO GPU Pass-though w/ Looking Glass KVM on Ubuntu 19.04

A How-To Guide: Building a Rudimentary Disk Enclosure

Three Methods to Resetting a Windows Login Password

A Beginners Guide to Debian CLI Based File Servers

A Beginners Guide to PROXMOX

 

Guide/Tutorial in Progress:

How To: Remotely Access Your Server/NAS

 

In the Queue:

How to Use Memtest86 to Diagnose RAM Errors

 

Don't see what you need? Check the Full List or *PM me, if I haven't made it I'll add it to the list.

*NOTE: I'll only add it to the list if the request is something I know I can do.

Link to post
Share on other sites
Posted · Original PosterOP
14 hours ago, Samfisher said:

Trying to connect from LAN or from a VPN from outside the home?

LAN. The machine is literally next to me, connected to the same switch. Is there a possibility the switch is the culprit?

 

14 hours ago, Windows7ge said:

Did you use an Online Port Checker to verify the port(s) you forwarded is open?

 

It isn't always the router at fault. The server behind the router has to respond for the port(s) to report as open.

 

If all else fails, consider using Teamviewer or AnyDesk; neither requires you to forward any ports.

 

I've created an inbound rule in Windows Firewall for that specific port, and also forwarded the port in the router for both TCP/UDP. Checking with the port checker still reports back that 3389 is closed, which confirms my earlier netstat test. I'm using Teamviewer now actually, but I'll try AnyDesk also just so I have an alternative for future reference.

 

14 hours ago, leadeater said:

Confirm RDP is working locally first, then if it is it'll be port forwarding rules or your ISP is blocking 3389 inbound.

So the machine I'm trying to remote from is literally right next to it on the same switch. I can ping it just fine, and the router sees it (albeit with no PC name), and I can put port forwarding rules on the IP address within the router. Despite all that, RDC still won't connect to it, giving me the error that I mentioned above.

Link to post
Share on other sites
3 minutes ago, handofreason said:

I've created an inbound rule in Windows Firewall for that specific port, and also forwarded the port in the router for both TCP/UDP. Checking with the port checker still reports back that 3389 is closed, which confirms my earlier netstat test. I'm using Teamviewer now actually, but I'll try AnyDesk also just so I have an alternative for future reference.

So you tried disabling the Firewall for 5 mins and it didn't help. An issue I had a short while ago setting up SSH on a server was that it wasn't configured with a Default Gateway & DNS Servers. You verified you have a working Default Gateway. What about DNS?



Link to post
Share on other sites
Posted · Original PosterOP
2 minutes ago, Windows7ge said:

So you tried disabling the Firewall for 5 mins and it didn't help. An issue I had a short while ago setting up SSH on a server was that it wasn't configured with a Default Gateway & DNS Servers. You verified you have a working Default Gateway. What about DNS?

DNS is set to openDNS servers on the server itself. On the router... I think they might be set to default or maybe Google. I'll have to check.

 

How do I verify a working Default Gateway?

Link to post
Share on other sites
3 minutes ago, handofreason said:

DNS is set to openDNS servers on the server itself. On the router... I think they might be set to default or maybe Google. I'll have to check.

 

How do I verify a working Default Gateway?

If you can load webpages and connect via Teamviewer then your DNS is fine.

 

You pinged the Default Gateway yes? It's working.

 

Well, let's look at the router then. Have you Port Forwarded before? What about with this hardware configuration? Has it worked in the past? Has anything on the network changed?



Link to post
Share on other sites
Posted · Original PosterOP
21 minutes ago, Windows7ge said:

If you can load webpages and connect via Teamviewer then your DNS is fine.

 

You pinged the Default Gateway yes? It's working.

 

Well, let's look at the router then. Have you Port Forwarded before? What about with this hardware configuration? Has it worked in the past? Has anything on the network changed?

Yes I just pinged the default gateway, and yes it is working:

 

Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

I've done port forwarding before, usually for a torrent client so I'm open and connectable. On the router itself, I did two instances of port forwarding. One was IP specific:

 

[image: router port forwarding screenshot]

And the other was a universal protocol:

 

[image: router port forwarding screenshot]

 

 

 

Link to post
Share on other sites
9 minutes ago, handofreason said:

I've done port forwarding before, usually for a torrent client so I'm open and connectable. On the router itself, I did two instances of port forwarding. One was IP specific:

 

And the other was a universal protocol:

I'm a little confused by these Any -> 3389 entries. Any external IP -> Port: 3389 for both TCP & UDP? If I'm reading that right then the config looks good.

 

Let me mention before going further that I don't use RDP so I can't offer application specific assistance. 

 

Well, let's look at the server. The RDP service is running and you can connect locally correct?



Link to post
Share on other sites
Posted · Original PosterOP
21 minutes ago, Windows7ge said:

I'm a little confused by these Any -> 3389 entries. Any external IP -> Port: 3389 for both TCP & UDP? If I'm reading that right then the config looks good.

 

Let me mention before going further that I don't use RDP so I can't offer application specific assistance. 

 

Well, let's look at the server. The RDP service is running and you can connect locally correct?

 

Yes the RDP service is running, but no I cannot connect locally. I can only ping it, but that's it.

 

The RDC app just throws back the error that's in my OP.

 

By the way I appreciate you taking the time to help me out.

Link to post
Share on other sites
1 minute ago, handofreason said:

 

Yes the RDP service is running, but no I cannot connect locally. I can only ping it, but that's it.

 

The RDC app just throws back the error that's in my OP.

This whole time I thought local connections were working. What setup instructions were you following for setting up RDP on Windows Server 2012? Any steps for enabling client connections? Often times firewalls will only enable specific clients access and you need to white-list them.



Link to post
Share on other sites

Check if the remote desktop service is running first


Also use TCPview from Sysinternals 

 

Are you sure in the registry the RDP port is set to 3389?

 

Anyway that port forwarding rule seems a bit strange to me, what is TCP Any -> 3389 supposed to mean? From any IP? And from the same port? 

Link to post
Share on other sites
3 hours ago, handofreason said:

So the machine I'm trying to remote from is literally right next to it on the same switch. I can ping it just fine, and the router sees it (albeit with no PC name), and I can put port forwarding rules on the IP address within the router. Despite all that, RDC still won't connect to it, giving me the error that I mentioned above.

Have you actually enabled RDP? It's off by default. Opening the firewall port on the server or turning the firewall off doesn't enable it.

Link to post
Share on other sites
Posted · Original PosterOP · Best Answer
3 hours ago, Chunchunmaru_ said:

Are you sure in the registry the RDP port is set to 3389?

 

Guys this was it. I had to go into the registry and change it from another port; the person who set this up probably changed this as a way to prevent any tampering. Well played other guy... well played.

 

What threw me off is that all the inbound rules for the firewall were set to 3389. Everything was default except for this one thing. Thanks everyone!

 

(The registry edit was HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\ and then PortNumber subkey. Double click that and change HEX to Decimal and there's your port. Mine was set to some random number that had no inbound rules for it anyway)

Link to post
Share on other sites
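
The mismatch found in this thread (registry PortNumber changed while every firewall rule still pointed at 3389) can be checked in one pass. The PowerShell below is an added example, not part of any post in the thread; it assumes Windows Server 2012 or later and an elevated session, and it uses the key name as Windows spells it, `Terminal Server` with a space.

```powershell
# Added example: reconcile the RDP port in the registry with the listener
# and the firewall. Run elevated on the server (Server 2012 or later).
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'

# PortNumber is a REG_DWORD value: regedit shows hex by default, PowerShell decimal.
$port   = (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
# fDenyTSConnections = 1 means Remote Desktop is switched off.
$denied = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
$svc    = Get-Service -Name TermService

# Is the Remote Desktop listener actually bound to the configured port?
$listener = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue

# Enabled inbound allow rules for TCP that name this port (or Any).
# Port ranges such as 3000-4000 are not expanded here.
$rules = @(Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object {
        $f = $_ | Get-NetFirewallPortFilter
        $f.Protocol -eq 'TCP' -and
            ($f.LocalPort -contains "$port" -or $f.LocalPort -contains 'Any')
    })

$report = [pscustomobject]@{
    ConfiguredPort = $port
    ConfiguredHex  = '0x{0:X}' -f $port
    Is3389         = ($port -eq 3389)
    RdpEnabled     = ($denied -eq 0)
    ServiceStatus  = $svc.Status
    Listening      = [bool]$listener
    AllowRules     = $rules.Count
}
$report | Format-List

if ($report.RdpEnabled -and -not $report.Listening) {
    Write-Warning "RDP is enabled but nothing listens on TCP $port (service stopped or not restarted since the change?)."
}
if ($report.AllowRules -eq 0) {
    Write-Warning "No enabled inbound allow rule covers TCP $port; rules written for 3389 do not apply."
}
```

From the client, `Test-NetConnection -ComputerName <server> -Port <port>` confirms reachability and `mstsc /v:<server>:<port>` connects to a non-default port; `<server>` and `<port>` are placeholders.
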
11 hours ago, handofreason said:

 

Guys this was it. I had to go into the registry and change it from another port; the person who set this up probably changed this as a way to prevent any tampering. Well played other guy... well played.

 

What threw me off is that all the inbound rules for the firewall were set to 3389. Everything was default except for this one thing. Thanks everyone!

 

(The registry edit was HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\ and then PortNumber subkey. Double click that and change HEX to Decimal and there's your port. Mine was set to some random number that had no inbound rules for it anyway)

Well I imagined it...
Sometimes you are supposed to change the RDP port for various reasons (security, multi servers, etc)...
But usually (at least for me) you do that via a firewall rule and never locally, but it has happened in the past that it was necessary because of some odd Windows bug where the 3389 port never worked.

Link to post
Share on other sites
