RD works via lan but not via internet

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,

I have problems setting up RD on a computer running Windows XP professional
over the internet while everything works fine over lan. This is the same for
VNC. On Windows 2000 computers vnc works fine.

I have gone through the page
http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.html
with the following results:

1) Firewall is turned off (windows and other software firewalls, on my
router NAT is turned on).
2) In NAT on the router de ports TCP 3389 (RD) and TCP 5900 (VNC) are
forwarded.
3) My ISP has assigned a static IP.
4) Logging Remote Desktop Connection information > only local logons asre
found (lan), remote (internet) logons are not found in the log.
5) Port reporter > the same as 4)
6) Netstat shows that the ports 3389 and 5900 are being listened to.
7) Port qwery> Local IP address: ports 3389 and 5900 are being listened to.
Internet IP address: ports 3389 and 5900 are being
filtered.
Internet IP address: other ports are blocked.
8) IPconfig information: comparing ipconfig information between the XP and
the 2000 machine I see that IP routing and win-proxy are enabled on the XP
machine and not on the 2000 machine.

I have had the same problems on a XP home machine (with VNC and not RD),
which was not resolved.

It looks like RD and VNC are functioning well on the XP machine in een
lan-setting. VNC is working fine on W2000 machines in a LAN en internet
setting. XP with VNC and RD in a internet setting just want to work
properly. What am I doing wrong?

gts Bart
6 answers Last reply
More about works internet
  1. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Well, it comes down to a router and port forwarding issue... What router?
    With that information perhaps someone can help with specific instructions...

    http://www.portforward.com/routers.htm

    To test this you must be using a remote PC and *NOT* a local PC calling the
    public IP of the router.

    Are you running the newest firmware in the router?
    Have you tried a power off/on reset of the router?
    Are you calling the correct public IP of the router?

    Have you tried the http://www.canyouseeme.org test from the XP PC for both
    TCP Port 3389 (RDP) and TCP Port 5900 (VNC)? Does the test report the
    correct static IP for the router (as assigned by your ISP)? If you get a
    timeout then its back to the router issue...

    --

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the mutual
    benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...


    "Bart Stradmeijer" <bart@stradmeijer.net> wrote in message
    news:42bd502a$0$768$3a628fcd@reader10.nntp.hccnet.nl...
    > Hi,
    >
    > I have problems setting up RD on a computer running Windows XP
    > professional
    > over the internet while everything works fine over lan. This is the same
    > for
    > VNC. On Windows 2000 computers vnc works fine.
    >
    > I have gone through the page
    > http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.html
    > with the following results:
    >
    > 1) Firewall is turned off (windows and other software firewalls, on my
    > router NAT is turned on).
    > 2) In NAT on the router de ports TCP 3389 (RD) and TCP 5900 (VNC) are
    > forwarded.
    > 3) My ISP has assigned a static IP.
    > 4) Logging Remote Desktop Connection information > only local logons asre
    > found (lan), remote (internet) logons are not found in the log.
    > 5) Port reporter > the same as 4)
    > 6) Netstat shows that the ports 3389 and 5900 are being listened to.
    > 7) Port qwery> Local IP address: ports 3389 and 5900 are being listened
    > to.
    > Internet IP address: ports 3389 and 5900 are being
    > filtered.
    > Internet IP address: other ports are blocked.
    > 8) IPconfig information: comparing ipconfig information between the XP and
    > the 2000 machine I see that IP routing and win-proxy are enabled on the XP
    > machine and not on the 2000 machine.
    >
    > I have had the same problems on a XP home machine (with VNC and not RD),
    > which was not resolved.
    >
    > It looks like RD and VNC are functioning well on the XP machine in een
    > lan-setting. VNC is working fine on W2000 machines in a LAN en internet
    > setting. XP with VNC and RD in a internet setting just want to work
    > properly. What am I doing wrong?
    >
    > gts Bart
    >
    >
  2. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Hi

    I think I have exactly the same problem. I'm using a DLink DSL 504 ADSL
    router and the RDC connection works fine specifying the internal IP address
    of my RDC host but not the router's public address. Again, I'm using NAT,
    forwarding the RDC port to a statically assigned internal address on the RDC
    host PC. No problems connecting to the RDC host's 3389 port from
    canyouseeme.org.

    Al, can you explain why this doesn't work from a second internal pc
    (presumably something to do with NAT)?

    Thanks and regards

    Cliff
  3. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    When you say it "doesn't work from a second internal pc" do you mean your
    trying to call over your private LAN but using the public IP of your router?
    To call another PC (ie. PC1) on your local private LAN from another PC (ie.
    PC2) on the same LAN use the private LAN IP of PC1. Its not a valid test to
    call the public IP for the router from PC2 and expect to connect to PC1.

    http://theillustratednetwork.mvps.org/RemoteDesktop/TroubleshootingDiagrams/Basic.html

    To test connectivity through the router you need to be on a remote system
    (ie. at work or a friends house) then call PC1 using the public IP of the
    router.

    --

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the mutual
    benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...


    "cliffdi" <cliffdi@discussions.microsoft.com> wrote in message
    news:38BB1237-33C1-442D-A4D5-05D2FCF04432@microsoft.com...
    > Hi
    >
    > I think I have exactly the same problem. I'm using a DLink DSL 504 ADSL
    > router and the RDC connection works fine specifying the internal IP
    > address
    > of my RDC host but not the router's public address. Again, I'm using NAT,
    > forwarding the RDC port to a statically assigned internal address on the
    > RDC
    > host PC. No problems connecting to the RDC host's 3389 port from
    > canyouseeme.org.
    >
    > Al, can you explain why this doesn't work from a second internal pc
    > (presumably something to do with NAT)?
    >
    > Thanks and regards
    >
    > Cliff
    >
  4. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Yes, that's exactly what I'm doing, purely in an attempt to test that my
    router's port forwarding works before taking PC2 (RDC client) offsite. If I
    connect to PC1's (RDC host) internal IP address, there's no port forwarding
    or network address translation involved (the entire connection is just on the
    internal LAN via the ADSL router's internal hub). I was hoping that by
    specifying the router's public ip address in the RDC client dialog on PC2
    that this would force the connection out on to the public side of the router
    and then back in as if the connection were coming in through the internet.
    Clearly this isn't so, but I was wondering why?

    Regards

    Cliff

    "Sooner Al [MVP]" wrote:

    > When you say it "doesn't work from a second internal pc" do you mean your
    > trying to call over your private LAN but using the public IP of your router?
    > To call another PC (ie. PC1) on your local private LAN from another PC (ie.
    > PC2) on the same LAN use the private LAN IP of PC1. Its not a valid test to
    > call the public IP for the router from PC2 and expect to connect to PC1.
    >
    > http://theillustratednetwork.mvps.org/RemoteDesktop/TroubleshootingDiagrams/Basic.html
    >
    > To test connectivity through the router you need to be on a remote system
    > (ie. at work or a friends house) then call PC1 using the public IP of the
    > router.
    >
    > --
    >
    > Al Jarvi (MS-MVP Windows Networking)
    >
    > Please post *ALL* questions and replies to the news group for the mutual
    > benefit of all of us...
    > The MS-MVP Program - http://mvp.support.microsoft.com
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights...
    >
    >
    > "cliffdi" <cliffdi@discussions.microsoft.com> wrote in message
    > news:38BB1237-33C1-442D-A4D5-05D2FCF04432@microsoft.com...
    > > Hi
    > >
    > > I think I have exactly the same problem. I'm using a DLink DSL 504 ADSL
    > > router and the RDC connection works fine specifying the internal IP
    > > address
    > > of my RDC host but not the router's public address. Again, I'm using NAT,
    > > forwarding the RDC port to a statically assigned internal address on the
    > > RDC
    > > host PC. No problems connecting to the RDC host's 3389 port from
    > > canyouseeme.org.
    > >
    > > Al, can you explain why this doesn't work from a second internal pc
    > > (presumably something to do with NAT)?
    > >
    > > Thanks and regards
    > >
    > > Cliff
    > >
    >
    >
    >
  5. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Its a function of the router firmware. Some support it, others do not.
    Personally I have never had a consumer grade router that did. In my case an
    older Linksys BEFSR41 and my newer Buffalo WBR-G54.

    --

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the mutual
    benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...


    "cliffdi" <cliffdi@discussions.microsoft.com> wrote in message
    news:8716D468-3575-4817-BD0C-7567728BAE7C@microsoft.com...
    > Yes, that's exactly what I'm doing, purely in an attempt to test that my
    > router's port forwarding works before taking PC2 (RDC client) offsite. If
    > I
    > connect to PC1's (RDC host) internal IP address, there's no port
    > forwarding
    > or network address translation involved (the entire connection is just on
    > the
    > internal LAN via the ADSL router's internal hub). I was hoping that by
    > specifying the router's public ip address in the RDC client dialog on PC2
    > that this would force the connection out on to the public side of the
    > router
    > and then back in as if the connection were coming in through the internet.
    > Clearly this isn't so, but I was wondering why?
    >
    > Regards
    >
    > Cliff
    >
    > "Sooner Al [MVP]" wrote:
    >
    >> When you say it "doesn't work from a second internal pc" do you mean your
    >> trying to call over your private LAN but using the public IP of your
    >> router?
    >> To call another PC (ie. PC1) on your local private LAN from another PC
    >> (ie.
    >> PC2) on the same LAN use the private LAN IP of PC1. Its not a valid test
    >> to
    >> call the public IP for the router from PC2 and expect to connect to PC1.
    >>
    >> http://theillustratednetwork.mvps.org/RemoteDesktop/TroubleshootingDiagrams/Basic.html
    >>
    >> To test connectivity through the router you need to be on a remote system
    >> (ie. at work or a friends house) then call PC1 using the public IP of the
    >> router.
    >>
    >> --
    >>
    >> Al Jarvi (MS-MVP Windows Networking)
    >>
    >> Please post *ALL* questions and replies to the news group for the mutual
    >> benefit of all of us...
    >> The MS-MVP Program - http://mvp.support.microsoft.com
    >> This posting is provided "AS IS" with no warranties, and confers no
    >> rights...
    >>
    >>
    >> "cliffdi" <cliffdi@discussions.microsoft.com> wrote in message
    >> news:38BB1237-33C1-442D-A4D5-05D2FCF04432@microsoft.com...
    >> > Hi
    >> >
    >> > I think I have exactly the same problem. I'm using a DLink DSL 504 ADSL
    >> > router and the RDC connection works fine specifying the internal IP
    >> > address
    >> > of my RDC host but not the router's public address. Again, I'm using
    >> > NAT,
    >> > forwarding the RDC port to a statically assigned internal address on
    >> > the
    >> > RDC
    >> > host PC. No problems connecting to the RDC host's 3389 port from
    >> > canyouseeme.org.
    >> >
    >> > Al, can you explain why this doesn't work from a second internal pc
    >> > (presumably something to do with NAT)?
    >> >
    >> > Thanks and regards
    >> >
    >> > Cliff
    >> >
    >>
    >>
    >>
  6. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Well, my old memory finally got into gear...

    See this old thread from a while back. Its possible it may fix your
    problem...

    http://groups-beta.google.com/group/microsoft.public.windowsxp.work_remotely/messages/594701225da9e729,a67d8ab118c36370,c987cee97431534d,7fcd7a60432ca829,cd39b930c97fc72e,f03b678a5f4a6a3d,25706322dacb2259?hl=en&thread_id=6bc536b273d55441&mode=thread&noheader=1&q=router+group:*.work_remotely+author:Sooner+author:Al&_done=%2Fgroup%2Fmicrosoft.public.windowsxp.work_remotely%2Fbrowse_frm%2Fthread%2F6bc536b273d55441%2F25706322dacb2259%3Fq%3Drouter+group:*.work_remotely+author:Sooner+author:Al%26rnum%3D41%26hl%3Den%26#doc_594701225da9e729

    --

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the mutual
    benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...


    "Bart Stradmeijer" <bart@stradmeijer.net> wrote in message
    news:42c2b88f$0$774$3a628fcd@reader20.nntp.hccnet.nl...
    > Hi Al,
    >
    > I ran the http://www.canyouseeme.org test from the XP-PC for the ports
    > 3389,
    > 5910 (forwarded to 5900) and 5810 (forwarded to 5800) with a time out
    > error
    > as result. The test on a W2000-PC for the ports 21, 5900 and 5800 was
    > succesful. The type of settings on the router were the same.
    >
    > Any clues?
    >
    > gts Bart
    >
Ask a new question

Read More

LAN Internet Windows XP