Archived from groups: microsoft.public.windowsxp.work_remotely (
More info?)
Well, I tried with out going through a SSH tunnel and I connected just fine from a remote PC. The
RDP host is a fully patched XP Pro SP2 machine on my local LAN. So, there is something else going on
here, but I can't say what.
By the way, AFAIK, SSH does not assign a local subnet IP to the remote PC when you connect. I could
be wrong about that though and need to look into that further...
Bottom line though is as long as it works for you then that's good...
Later...
--
Al Jarvi (MS-MVP Windows Networking)
Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program -
http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
"Jim Johnson - Serenity Consulting" <JimJohnsonSerenityConsulting@discussions.microsoft.com> wrote
in message news:CFCE151B-5D41-4CE4-A712-F5C43F69053C@microsoft.com...
> Al,
> I'll bet most VPN's will work because the remote connection appears to be
> part of the local subnet; i.e., part of the LAN.
>
> My LAN access worked fine (although I have few needs to manipulate the host
> from another PC when I am sitting right next to it <g>). For the few times I
> need to access my home-office PC remotely, I don't want to deal with setting
> up a VPN. Remote Desktop alone has sufficient security for my needs. It was
> when I was logging in across the Internet with an IP in a different subnet
> that Remote Desktop would no longer work. It USED to work fine.
>
> Without changing any of your Remote Access related services on your Remote
> Desktop host, and without setting up a VPN tunnel, try launching the Remote
> Desktop from outside the host's subnet.
>
> By turning off Remote Access, Microsoft did indeed make many PCs more
> secure. However, I contend that it is the rough equivalent of curing a
> headache with a guillotine. The security issues would be better addressed in
> the firewall through a close link between port 3389 and Terminal Services.
>
> Jim Johnson
> Serenity Consulting
>
> "Sooner Al [MVP]" wrote:
>
>> That's interesting because I just looked at my XP Pro desktop and all of those services are
>> listed
>> as both "Manual" and the status is "Stopped". In my case I can access my XP Pro desktop using
>> Remote
>> Desktop just fine from the public internet through a SSH tunnel...
>>
>> Weird...
>>
>> --
>>
>> Al Jarvi (MS-MVP Windows Networking)
>>
>> Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
>> The MS-MVP Program -
http://mvp.support.microsoft.com
>> This posting is provided "AS IS" with no warranties, and confers no rights...
>>
>>
>> "Jim Johnson - Serenity Consulting" <JimJohnsonSerenityConsulting@discussions.microsoft.com>
>> wrote
>> in message news:752EDB65-D7D9-4E10-BEDE-DDD9B3E94062@microsoft.com...
>> > Yes it is fixed, just tested from remote location outside the LAN and Remote
>> > Desktop is again fully operational.
>> >
>> > As both Remote Assistance and Remote Desktop are checked to allow in System
>> > Properties/Remote, Windows Firewall was set to allow Remote Desktop, and
>> > Remote Desktop "suddenly" stopped working outside the LAN, I suspect one of
>> > Microsoft's security updates turned off the Remote Access services.
>> >
>> > "Jim Johnson - Serenity Consulting" wrote:
>> >
>> >> PROBLEM FIXED?:
>> >>
>> >> I activitated various event logs, and found this error...
>> >> ID: 20106
>> >> Source: RemoteAccess
>> >> Version: 5.2
>> >> Symbolic Name: ROUTERLOG_COULDNT_ADD_INTERFACE
>> >> Message: Unable to add the interface %1 with the Router Manager for the %2
>> >> protocol. The following error occurred: %3
>> >>
>> >> Explanation
>> >> Possible causes include:
>> >>
>> >> The interface type is not dedicated
>> >> The loopback and router is configured in Lanonly mode
>> >> ======================
>> >> I then checked Services in the Adminstrative Tools and found that the
>> >> following services where in manual mode and not started:
>> >> Remote Access Auto Connection Manager
>> >> Remote Access Connection Manager
>> >> Remote Desktop Help Session Manager
>> >>
>> >> Changing these services to 'automatic' (and starting the Remote Access
>> >> services) now allows port 3389 to be seen using the web-based port scanner,
>> >> www.canyouseeme.org. Without these services running, Remote Desktop will only
>> >> work on a LAN.
>> >>
>> >> How they got changed to manual and turned off in the first place is beyond me.
>> >>
>> >>
>> >> "Jim Johnson - Serenity Consulting" wrote:
>> >>
>> >> > Running XP Pro SP2 on both host (desktop) & client (laptop). Windows Firewall
>> >> > running on host, Remote Desktop enabled through System Properties and users
>> >> > assigned (I've also verfied that the Firewall allows exceptions and Remote
>> >> > Desktop is checked, and the 'Advanced' tab shows Remote Desktop enabled and
>> >> > pointing to itself by computer name).
>> >> >
>> >> > Remote Desktop works flawlessly when connecting within the LAN.
>> >> >
>> >> > At one time RD worked just fine across the Internet using port forwarding
>> >> > through my router. Now it refuses to connect across the Internet.
>> >> >
>> >> > I've tried numerous things, up to and including switching from cable to DSL,
>> >> > rebuilding the router settings after doing a factory reset - - and even
>> >> > by-passing the router and connecting the host directly to the DSL modem.
>> >> >
>> >> > I can ping the host PC without problem, so I know I've got the correct IP
>> >> > address.
>> >> >
>> >> > I've seen suggestions for rolling the terminal services .dll on the host
>> >> > back to the SP1 version. Before doing that, is there something I've missed?
>> >> > For example, an MS Hotfix?
>>
>>
>>