Anywhere Access - Remote Desktop Access not working

[scockman 0]

I am having an issue to where I cannot connect to any of my clients from the web.  I have access to the web page from an outside connection.  I can access the shared folders just fine, no problem there.  I just get the same dialog message:

------------------------------------------------------------------------

Remote Desktop Connection

This computer can't connect to the remote computer.

 

The two computers couldn't connect in the amount of time allotted. Try connecting again. If the problem continues, contact your network administrator or technical support.

------------------------------------------------------------------------

 

My Server:  Windows 2012 R2 Essentials with DHCP and DNS  

My two clients connected to the domain:  Windows 8.1 Enterprise

My router:  pfSense 2.1-Release (DHCP turned off)

My domain name:  using the Microsoft free one *.remotewebaccess.com

 

I thought it might be my connection at work (proxy/firewall), but I was able to use our employee hotspot (outside connection) and it did not work.  I then connected my laptop to my phone and still no connection.

 

I then took my home desktop (Win 8.1 Ent) and added my server's IP address and my domain name to my hosts file.  This does work and I am able to connect to the other client and the dashboard.  

 

At this point I am stumped as to what the cause is.  My WHS 2011 worked fine for years with no issue.

 

 

 

 

[ikon 439]

So, to summarize: if you try to use your domain name it doesn't work; if you try to use the IP address assigned to your router by your ISP, it does work? Is that correct? If yes, then you have a DNS issue. BTW, this is VERY common.

[scockman 0]

No.  From outside of the network - if I try the domain name <name>.remotewebaccess.com - it does not work.  If I try to use the IP address assigned I get a totally different stating "...can't connect because the Remote Desktop Gateway serve address requested and the certificate subject name do not match."

 

What does work is if add the following to my local C:\Windows\sytem32\drivers\etc\hosts" file:

 

192.168.1.#     <name>.remotewebaccess.com

 

while connected to my home network.  Then I am able to remote into my client machines.  

[timekills 32]

It won't work using an IP because the certificate won't match up. The cert is tied to the name.

It sounds like you have a firewall and/or port blocked at home preventing outside access.

I've had to forward ports 80,443, and I still forward 4125 to allow RDS.

[ikon 439]

Thanks for clarifying. I was kind of wondering how it could work from outside, basically because of what timekills mentioned. I, too, suspect there may be some port forwarding issue(s).

[scockman 0]

I am going rummage through my junk this weekend and find my old dd-wrt router and give that a try.  I agree I think it has something to do with pfSense router, since if I can hard code the domain name from inside and get through then the issue has to be with the router and port forwarding.

 

I can get the site from the outside and access the shares, I just cannot get to the console or the remote desktop of the clients.

[scockman 0]

Okay changed out the router - problem still exist. So I don't think it is the router. Not sure what else to try now.

 

Stan

 

 

Sent from my iPad using Tapatalk HD

[timekills 32]

Do you have 4125 open? Telnet into that port, or use one of the websites that check open ports and see if it is available.

[scockman 0]

I have it manually configured in the router to forward to the server - no change.  All references on the internet state that it is not needed.  Also I did not have that port configured when I was running WHS 2011.

[scockman 0]

I have been walking through the BPA Scans and on the one for the Remote Desktop Services I got this warning below.  Would this be the cause of why I can't connect from the outside.

 

Problem:

The Remote Desktop Gateway (RD Gateway) server Secure Sockets Layer (SSL) certificate may not have a valid certificate subject name.

 

Impact:

If the RD Gateway server is configured to use an SSL certificate with a certificate subject name that is not valid, users cannot connect to internal network resources (computers) through the RD Gateway server.

 

Resolution:

Use the RD Gateway Manager tool to select a valid SSL certificate for the RD Gateway server to use.

 

Scan time: 2/15/2014 22:34:06

 

BPA model version: 2.0