Jump to content
RESET Forums (homeservershow.com)

Server Essentials R2 2012 - AnyWhere Access RDP


mdresser
 Share

Recommended Posts

Hi Guys,

 

Finally got into the forum, you must have been having some DB issues when I was trying to join the other day.

 

Ok, Here is my problem. The server is set up and I can use Access Anywhere from my parents house and successfully RDP to the server and clients. When I am at work this doesn't work, I click the server or Client, enter my credentials and it just sits there saying "Initiating Remote Connection", this eventually times out and I get the usual message saying "Remote desktop can't connect to the remote computer for one of the reasons:........"

 

I've run a Wireshark trace and can see messaging between the PC I'm using and my external IP address.

 

Originally I thought it was due to the RDP redist ActiveX as this wasn't installed and wouldn't. I now have this running and still getting the same issue.

 

I haven't checked out the server logs yet, and for some reason my VPN is no longer working so I can't check till later. But if anyone has any thoughts on the issue I would be glad to hear.

 

Thanks

 

Michael.

Link to comment
Share on other sites

Hmm, I'm not sure. I never used to have problem back on WHS 2011 using 80,443 and 4125.

 

I thought Server 2012 Essentials uses 443 SSL for the remote desktop to help get around the issues with ISP's blocking the other ports. I can set up a VPN from work no problems, I now  have this working as I had to define a port range in the MMC > Routing and Remote Access. However it does seem to suggest an issue with my workplace.

 

In Server Manager Remote Desktop Services is showing as Red with 1 event.

XXXXXXSERVER 103 Critical Microsoft-Windows-TerminalServices-Gateway Microsoft-Windows-TerminalServices-Gateway/Operational

03/06/2014 20:15:42

 

 

I can also see the following events:

XXXXXXSERVER 20499 Warning Microsoft-Windows-TerminalServices-RemoteConnectionManager Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin 04/06/2014 13:59:38

Remote Desktop Services has taken too long to load the user configuration from server \\DresserServer.DRESSER.local for user SysAdmin

 

XXXXXXSERVER 400 Warning Microsoft-Windows-TerminalServices-Gateway Microsoft-Windows-TerminalServices-Gateway/Operational 04/06/2014 12:56:22

The RD Gateway service is shutting down. This maybe voluntary administrator restart or a configuration driven restart due to RDG server certificate change. If the RD Gateway shutdown was not expected, kindly verify whether the following services are started: (1) Network Policy Server; (2) Remote Procedure Call (RPC); (3) RPC/HTTP Load Balancing Service;  and (4) World Wide Web Publishing Service. Also, check Event Viewer for Network Policy Server (NPS) and IIS events that might indicate problems with NPS or IIS.

 

XXXXXXSERVER 226 Warning Microsoft-Windows-TerminalServices-ClientActiveXCore Microsoft-Windows-TerminalServices-RDPClient/Operational 03/06/2014 21:59:03

RDPClient_Gateway: An error was encountered when transitioning from AAStateInitializingTunnel to AAStateError in response to 6 (error code 0x80070005).

Link to comment
Share on other sites

I'm wondering if it's starting to initiate the connection but your work firewall is preventing some critical piece of information from getting back in to your workplace PC. Is the PC you're using to connect the same one at work and your parents'?

Link to comment
Share on other sites

I'm beggining to wonder the same thing ikon, I will speak to our network team to see if we can work out why.

 

jmwills, what setting and to delay what?

Link to comment
Share on other sites

I have managed to find the following error when trying to RDP onto the server from work.

 

An account failed to log on.

Subject:
    Security ID:        NULL SID
    Account Name:        -
    Account Domain:        -
    Logon ID:        0x0

Logon Type:            3

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:        Admin
    Account Domain:        XXXXXXXX

Failure Information:
    Failure Reason:        An Error occured during Logon.
    Status:            0xC000035B
    Sub Status:        0x0

Process Information:
    Caller Process ID:    0x0
    Caller Process Name:    -

Network Information:
    Workstation Name:    W7TW697
    Source Network Address:    -
    Source Port:        -

Detailed Authentication Information:
    Logon Process:        
    Authentication Package:    NTLM
    Transited Services:    -
    Package Name (NTLM only):    -
    Key Length:        0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Link to comment
Share on other sites

Cracked it!!!

 

I have a few VM's at work for exam study and i tried one of those (Windows 8.1) and it worked, so knew it wasn't a work firewall issue. The error above pointed me in the right direction with NTLM authentification only where as Server 2012 uses NTLMv2. So I changed LmCopatibilityLevel in the registry to 3 on my works desktop.

 

the following article was handy once translated http://support.microsoft.com/kb/2903333/de

Edited by mdresser
Link to comment
Share on other sites

Can you create the VPN tunnel?  If so, try the IP address instead of the hostname.  Your work DNS does not know how to resolve those IP addresses.

 

no speken de deutsche

Link to comment
Share on other sites

Yes VPN and Access Anywhere RDP all working now as is DNS. All Green on the dashboard. :)

 

I copied the text into google translate. The issue wasn't the server but the computer I was using at work which would only work with NTLMv1. Need to check that there isn't a Group Policy at work which will overide it next time I reboot.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...