Jump to content
RESET Forums (homeservershow.com)

2 Remote access Severs?


Recommended Posts

TomatoBoy

In order to connect to that server (client connector), you would need to be local or in a VPN, right?

 

Yes.

Link to post
Share on other sites
  • Replies 130
  • Created
  • Last Reply

Top Posters In This Topic

  • TomatoBoy

    56

  • jmwills

    37

  • ikon

    30

  • Essexraptor

    5

Top Posters In This Topic

Popular Posts

Yes, but by taking the time to learn this, you can have two portals with Remote Access running from home using one external IP address.  It's really not that hard.   Excellent for someone who is try

I don't modify IIS to do this; I use different ports on my router and redirect them to the default IIS port, but on different IP addressess. For example, I will have my router redirect http://mydomain

TomatoBoy

It would be great if you did try it TB. There are lots of articles on the Internet; not all of them work as described: eg: a recent thread in these forums based on an article about hot-swapping drives in a MicroServer (turns out it can't be done).

 

Have the MSE in a flashed BIOS Microserver. I know there is the 'unlocked' BIOS and the 'modified' one doing the rounds, ours is the unlocked one. Were both tried for hot swapping? I read the superb Joe_Miner article. Actually, since HP locked the doewnloads to subscriptions only, the website method does not work. It needs to be installed via the local directory method.

 

Edit:

Just slid a drive in. It appears dynamically in Disk Management but does not mount and get assigned a drive letter, so doesn't make it to Windows Explorer. Close though and I suppose 'hot' in that a reboot is not required, though manual drive letter issue is needed.

Edited by TomatoBoy
Link to post
Share on other sites
TomatoBoy

It would be great if you did try it TB. There are lots of articles on the Internet; not all of them work as described: eg: a recent thread in these forums based on an article about hot-swapping drives in a MicroServer (turns out it can't be done).

 

Sorry for the delay. After a great deal of imaging and testing, we can report back but without a conclusive answer for unexpected reasons.

 

We ran the test of having two independantly setup servers, WHS 2011 and WSE 2012, each with Anywhere Access working, added to the network with the router port forwarding so both were using 80/443, but hit a snag.

 

It turns out that although our router is happy to port forward or redirect, it does not like redirecting 80/443. There is no clear documentation to support this on the net, but others have touched on 80/443 redirect issues with strange results on our model whilst discussing broader subjects. It will happily forward xx80/x443 to ports similarly bound in the IIS of a server (as per the solution you and jmwills kindly produced), but it will not redirect xx80/x443 to 80/443. That probably explains, at least in part, the strange hybrid screens we were seeing. We even tested it with a single server on the network with 80/443redirects and the result was the same.

 

So we at least know it was not having two servers present but the capability of the router that was to blame in the first instance. Now, that leaves the question of two servers on redirects to native 80/443 ports unanswered, though it is documented in several places on the net, but as you say, that does not offer certainty. We will try to look out a router that is known to be able to redirect 80/443, though I am not sure we will have one, but if we do, the test will be run again and reported back.

 

I will write this whole thing up for a blog submission once we reach the end of the journey, but that has still not ended.

 

We have stumbled upon one more issue in testing. Remote access of client computers through the web portal. On the WHS 2011 with the 80/443 bindings altered, when trying to access one of its clients (which is running Windows 7 Ultimate) we get the message:

 

"Your computer can't connect to the remote desktop computer because the Remote Gateway Desktop server is expecting an authentication method different from the one attempted. Contact your network administrator for assistance."

 

If you remember, the WHS 2011 is setup with mydomain.homeserver.com, whilst the WSE2012 has mydomain.remotewebaccess.com. We have been searching the net but remain a little unsure. Is this a certificate error because 80/443 always refer to the remotewebaccess address of the WSE, and the WHS is setup on a homeserver address or is it related to the need to change the RDP port on one of the servers as documented here and here referring to altering the inetpub file on one of the machines. We looked for the file but could not find it on WHS 2011 and expect the texts linked refer to WHS v.1.

 

We would be hugely grateful for any insight and guidance please. I would hate us to move forward and do something stupidly wrong. Many thanks.

Edited by TomatoBoy
Link to post
Share on other sites
jmwills

This would be the first instance here of anyone reporting theid router cannot forward ports 80 or 443. But, I thought we had all this solved the other day. We could hit the logon pages of both servers which mean traffic was getting through the router.

 

Confused.

Link to post
Share on other sites
TomatoBoy

This would be the first instance here of anyone reporting theid router cannot forward ports 80 or 443. But, I thought we had all this solved the other day. We could hit the logon pages of both servers which mean traffic was getting through the router.

 

Confused.

 

No, I said it will forward ports but it appears that it will not redirect to 80 and 443, i.e. 80 > 80 and 443 to 443 is fine but it does not like say 8080 > 80 and 4443 > 443. It is fine with 8080 > 8080 and 4443 > 4443 where the IIS bindings have been changed as per the other day. I was just reporting back after we attempted the test documented above and found the router 'feature'. It was and is working perfectly from the other day and we are very grateful.

 

We would very much appreciate any thoughts and guidance relating to the RDP via the portal and inetpub file as per the links. Many thanks.

Edited by TomatoBoy
Link to post
Share on other sites
jmwills

Did you see the date of those posts?  They was referring to v1

 

You are already forwarding 80 and 443 to your 2012 box.  As we discovered, Essentials wants those default ports of 80 and 443 and does not like for the IIS bindings to be changed, probably due to the certificate based requirements.

 

WHS doesn't care as it is not that intelligent, i.r., non Domain based.  I've run as many as three WHS 2011 boxes on my LAN at once with remote access working for all three, two having alternate ports.

 

Now, what am I missing here?

Link to post
Share on other sites
TomatoBoy

Did you see the date of those posts?  They was referring to v1

 

You are already forwarding 80 and 443 to your 2012 box.  As we discovered, Essentials wants those default ports of 80 and 443 and does not like for the IIS bindings to be changed, probably due to the certificate based requirements.

 

WHS doesn't care as it is not that intelligent, i.r., non Domain based.  I've run as many as three WHS 2011 boxes on my LAN at once with remote access working for all three, two having alternate ports.

 

Now, what am I missing here?

 

Yes, I stated in my post that it referred to v.1 and asked if there was any equivalent for WHS 2011.

 

When we login to the WHS 2011 box via the web service and try to control a client remotely, we get the error message reporoduced in my post number 93. I believe we need to redirect the remote as referred to by the links I posted, but they deal with WHS v.1 and we need the method to do so in WHS 2011.

 

From the second link:

 

"After going through this procedure you should be able to access the basic web sites and shared folders. But, you will not be able to remotely access other computers via the web sites unless you have also forwarded port 4125 (or established an alternate port) to your WHS. If your ISP blocks port 4125, or if you have two (or more) Windows Home Servers, you will need to do the following.

 

To get the remote access to work, access your WHS via RDP or other means as above. Using My Computer, navigate to C:\Inetpub\remote\ and open the file rdpload.aspx in notepad (it might be prudent to make a backup copy first)."

 

Any ideas please how we achieve this in WHS 2011? Many thanks.

Link to post
Share on other sites
jmwills

You are trying to control a remote or local client?  If local and it still goes haywire, you could RDP from the sever local to the local client.

 

If you are trying to RDP to a client directly via the dashboard from the WAN, think about it.  You are coming in from xx80, xx443, xx4125 which you allowed in Port Forwarding.  You are now requesting that traffic to go external so I think that you need a Firewall rule for xx4125 to allow outbound connections.

Link to post
Share on other sites
TomatoBoy

Apart from the earlier error message when trying to connect to a client, we are also getting the message, cannot connect because the Remote Desktop Gateway server address requested and the certificate subject name do not match. This is only when connecting via the web service trying to remote control the server itself. I am sure this is certificate related but have no idea how to proceed.

Link to post
Share on other sites
TomatoBoy

You are trying to control a remote or local client?  If local and it still goes haywire, you could RDP from the sever local to the local client.

 

If you are trying to RDP to a client directly via the dashboard from the WAN, think about it.  You are coming in from xx80, xx443, xx4125 which you allowed in Port Forwarding.  You are now requesting that traffic to go external so I think that you need a Firewall rule for xx4125 to allow outbound connections.

 

Firewall rules on the WHS 2011?

 

In the router we have:

xx80 > xx80  (IIS binding changed)

xx443 > xx443  (IIS binding changed)

xx4125 > 4125  (Port redirected)

 

So, the RDP 4125 traffic actually enters the WHS 2011 on the native port. Is this not a certificate error related either to the 'address' of the server being changed by the IIS binding alteration, thus not matching what is expected in the Anytime Access settings that were setup before we altered the bindings?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...