RDP only works locally. Port forwarding configured correctly

0

1

So I have two Windows 7 computers I've set to allow remote desktop connections (Not requiring Network Level Authentication). One of them works just fine both locally and across the NAT. The other works locally, but not across the NAT. Instead, mstsc hangs on "Configuring remote session" and then says computer can't connect to the remote computer.

Things I've tried:

  • Turn off all firewalls on the problem computer
  • Switch the public port on the NAT to 3389 (both were set up with different public ports and private port 3389)

In MSTSC:

  • Disable all local resources
  • Disable persistent bitmap caching

I am completely stumped. Currently I'm making a remote desktop connection to the working computer and then using that to RDP to this one...

Vlad

Posted 2013-10-28T04:00:27.693

Reputation: 1

Maybe a dumb question: did you try rebooting the Windows host? – Joe T – 2013-10-28T04:18:32.817

Something to try to determine whether the problem is with the router (NAT) or the host: try switching the IP addresses of the two hosts while keeping the same NAT rules and see if the same one still works. – Joe T – 2013-10-28T04:19:30.320

Thanks @JoeT. It never occurred to me it could be a bug in the router. After switching the IPs, I couldn't make the other connection. I migrated that line in the port forwarding rules to a different slot (DIR-655) and it works now... Not sure if this question would be relevant to anyone else, do I delete it? – Vlad – 2013-10-28T21:32:14.083

Answers

0

I've encountered the same symptoms when the inbound and outbound traffic was being routed via different routes.

As an example, say you had a computer called A-RDP running an RDP server, and a pair of routers R and G. Router G is the gateway to the internet. Router R is a router behind gateway G. If server A-RDP has a default gateway of router R, but the port forwarding from gateway G goes directly to server A-RDP, then the connection will not establish, and it will take at least 10 seconds to figure that out and say it cannot connect.

In that scenario you have 2 options:

  • Change A-RDP's default gateway to be gateway G and add any static routes to A-RDP that are needed to use router R.
  • Change the port forward in gateway G to go to router R and on router R enable masquerading and port forward from router R to computer A-RDP.

Note that SSH also has a similar security policy.

BeowulfNode42

Posted 2013-10-28T04:00:27.693

Reputation: 1 629
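
The routing mismatch described in the answer above, as an added Python model that is not part of the original post. The addresses, the `Router` class and `try_rdp` are constructed for illustration, and the model assumes router R tracks connection state and drops replies for flows it never saw open.

```python
# Constructed model (not from the original post) of client -> G -> [R] -> A-RDP.
from dataclasses import dataclass, field

# Constructed addresses: client, G's public IP, R's LAN IP, the RDP host.
CLIENT, G_PUB, R_LAN, A_RDP = "203.0.113.7", "198.51.100.1", "192.168.1.2", "192.168.1.10"

@dataclass
class Router:
    name: str
    dnat: dict = field(default_factory=dict)   # (dst, dport) -> (new dst, new dport)
    masq_ip: str = ""                          # if set, rewrite the source (masquerade)
    flows: dict = field(default_factory=dict)  # connection-tracking table

    def inbound(self, pkt):
        src, sport, dst, dport = pkt
        ndst, ndport = self.dnat.get((dst, dport), (dst, dport))
        nsrc = self.masq_ip or src
        # Key the table by what the reply will look like; the value undoes the NAT.
        self.flows[(ndst, ndport, nsrc, sport)] = (dst, dport, src, sport)
        return (nsrc, sport, ndst, ndport)

    def outbound(self, pkt):
        # Assumption: stateful device, so a reply for an unseen flow is dropped.
        return self.flows.get(pkt)

def try_rdp(forward_via_r, server_gw):
    g = Router("G", dnat={(G_PUB, 3389): (R_LAN if forward_via_r else A_RDP, 3389)})
    r = Router("R", dnat={(R_LAN, 3389): (A_RDP, 3389)}, masq_ip=R_LAN)
    pkt = (CLIENT, 50000, G_PUB, 3389)              # SYN from the internet
    for hop in ([g, r] if forward_via_r else [g]):
        pkt = hop.inbound(pkt)
    src, sport, dst, dport = pkt
    reply = (dst, dport, src, sport)                # SYN-ACK from A-RDP
    # An on-link destination (R) is reached directly; anything else uses the default gateway.
    first = "R" if reply[2] == R_LAN else server_gw
    for hop in ([r, g] if first == "R" else [g]):
        reply = hop.outbound(reply)
        if reply is None:
            return f"dropped at {hop.name}"
    return "established" if reply == (G_PUB, 3389, CLIENT, 50000) else "client rejects reply"

if __name__ == "__main__":
    print("G -> A-RDP, gateway R:", try_rdp(False, "R"))   # the failing setup
    print("G -> A-RDP, gateway G:", try_rdp(False, "G"))   # option 1
    print("G -> R -> A-RDP (masq):", try_rdp(True, "R"))   # option 2
```

With masquerading on R (option 2), A-RDP sees R as the source of the connection, so its reply returns through R regardless of which default gateway A-RDP uses.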