Non-standard Remote Desktop port - Outbound

I am having problems using non-standard RDP  port from  the local network to the remote terminal server accepting requests only on port 32123  at the Internet.
Example:  69.159.24.1:32123  
Eveything working fine if i use  the direct connection to the internet OR the standard RDP port  (3389) through the Lynksys.
When I try to go through the Linksys WRT300N v1.1 (latest firmware) client just times out.
Any ideas ?

Try to forward any specific range of the ports ..... & also check that Remote desktop setting is enabled or not ....

Similar Messages

  • How to change Firewall remoted desktop port?

    How to change Firewall remoted desktop port
    I have changed the listening port in the registry.
    I added a rule for incoming for RDT.
    I can find the rules, and other items in the Firewall lists.
    But I cannot find how to edit to change the port number.
    Other threads indicate just added an open port not designating RDT as the program.
    Guidance please.

    >So, when inserting a new rule and choosing RDT from the program list automatically inserts the default port number? 
    My fault.  You should not select RDT from the program list, but instead
    select the radio button for port, then click next, select TCP, and add in
    the port number, then next and continue on with setting allow connection
    and then when does this rule apply.
    Bob Comer

  • Remote Desktop Ports Not Working

    Hello, I am trying to set up my new laptop with Remote Desktop. I have Norton 360 on it and a linksys EA6900 router.
     And this is all on my home network.
    My issue is that I cant seem to connect to the laptop to the port 3391 I opened up on it. I have two other PCs that are wired
    at 3389 and 3390 and are totally fine. 
    I changed the RDP port number in regedit to 3391. Forwarded the port to the laptops reserved IP (1.23.25.250) and I even allowed
    the port in the firewall for norton and in windows firewall for fun.
    Even doing all that I still cannot connect even though I did the same for my two other PCs and theyre fine. 
    I can for some reason ping everything out of my laptop but not to it. 
    Whrn I use a port checker tool it does say 3391 is not open but 3389 and 3390 are which is weird to me.
    Hope someone can help out, thank you.

    Hi cmcigas,
    “I can for some reason ping everything out of my laptop but not to it”
    To verify whether it is related to the firewall ,we can temporarily turn off the firewall to have a check .
    Here is a link for reference of this issue
    Nobody Can Ping My Computer
    https://technet.microsoft.com/en-us/library/cc749323(v=ws.10).aspx
    We may also need to run the built-in troubleshooter tool to have a diagnostic of the network .
    Control Panel\All Control Panel Items\Troubleshooting\Network and Internet\Network Adapter and Incoming Connections
    " I even allowed the port in the firewall for norton and in windows firewall for fun."
    How did you set the firewall ?
    To set the firewall  ,here is a link for reference
    Open a port in Windows Firewall (It is an example in Windows 7,the Windows 8.1 can share the same step)
    http://windows.microsoft.com/en-hk/windows/open-port-windows-firewall#1TC=windows-7
    Best regards

  • Windows 2008 R2 Standard Remote Desktop Users cannot Connect

    I have a windows 2008 R2 Standard Terminal Server and some users aren't able to connect even though they are in groups that are in Remote Desktop Users on the local computer.  I checked the local security policy setting "Allow log on through Remote
    Desktop Services" and I see that Remote Desktop Users is a member of this group.  Inside of Remote Desktop Users we have DOMAIN\Domain Users and DOMAIN\Terminal Users.  Most of our users are in both groups, but there are still some people that
    aren't able to connect via Remote Desktop to this computer.  There are no users in "Deny logon through Terminal Services."
    Thanks!

    Hi,
    Thank you for posting in Windows Server Forum.
    Is it happens to all users or any particular group of users?
    Please check by creating new user add them to “Remote Desktop Users” group and then see whether that test user can remote desktop to the server.
    It also might happens that you may be limited in number of users or some connection issue or may be firewall setting issue. Please go through beneath article for information.
    Remote Desktop disconnected or can’t connect to remote computer or to Remote Desktop server (Terminal Server) that is running Windows Server 2008 R2
    http://support.microsoft.com/kb/2477176
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Remote desktop port forwarding comcast business class

    i recently had a network change and i have lost my ability to remote into my computer at home from elsewhere using ARD.
    i'm more than certain that it is the port forwarding that is not set up correctly on my comcast business class modem.  i do have a static IP.
    I would really love some help with this.  happy to provide any information necessary.  please let me know what you need to know in order to guide me to the correct solution.
    thanks!!

    NDebt4Ever wrote:
    What server are you referring to? I don't think I'm going through a server.
    He means the RDP server, that is running on the machine you are trying to access at 192.168.1.5
    That is defined as a static address on the machine?
    You did this presumably
    Start Registry Editor.
    Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
    On the Edit menu, click Modify, and then click Decimal.
    Type the new port number, and then click OK.
    Quit Registry Editor.
    Restart the computer
    and have gone back to check it?
    Are you running windows firewall on that machine?  If so maybe you have to set the firewall to allow the new port number before you connect to this computer by using the Remote Desktop connection.

  • Windows Server 2012 Standard - Remote Desktop Management service won't start

    Dear colleges, I'm seeking your help in resolving a weird issue with Remote Desktop.
    The Remote Desktop Management service gives the following error message any  time it is attempted to start:
    "The Remote Management Service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs."
    The Event Viewer error message is as follows:
    "The Remote Desktop Management service failed to start. Error code: 0x88250001"
    Whenever I connect to the server with RD I get error message that the Remote Desktop Licensing Server isn't configured and that the RD trill will expire in N-days. The server is up to date updates wise and has been licensed for 5 RD CALs. The server hosts DNS
    server and has AD DS role installed, is virtualized to have one Hyper-V server.
    I read some blogs about having both DNS and AD DS on one box is a bad sea and a root cause of the issue. Well, that very well may be, but for me that's an option as I'm not going to get a box to just host DNS. There should a solution to this as I shouldn't
    only one suffering from this issue.
    I also read about KB2871777 - Servicing stack update supposedly addressign this issue. Well, it's on my system and the issue is there too. :)
    Will I loose ability to RD when the trial expires or it's just another misleading MS message that can be ignored?
    How do I mend Remote Desktop Management service to start?
    Appreciate your help!
     

    Hi,
    Thank you for posting in Windows Server forum.
    Can administrators perfectly connect to RDS environment?
     In meantime please check that you have properly configured and activated RD License role service and install RDS CAL on it. It might also possible that you have configured RD License server but it server can’t find it and giving you error due to certificate
    also. Please check that you have properly configured certificate on your RDS Server. Try to install and update below hotfix for License related issue.
    No RDS license when you connect to an RDS farm in Windows Server 2012
    http://support.microsoft.com/kb/2916846
    If you have configured both RDS and AD DS on single server then also you may find some error reading this. If so please try to setup both roles on different server and check the result. In addition to this, please check below articles.
    What's New in Remote Desktop Services in Windows Server 2012
    http://technet.microsoft.com/en-in/library/hh831527.aspx
    Install Remote Desktop Services Failed on Windows 2012 Server
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/bbf47aa2-8ae5-4f22-9827-afee5a11417a/install-remote-desktop-services-failed-on-windows-2012-server?forum=winserverTS
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Chromium for osx Marveicks  and chrome remote desktop cloud computing App!

    Hello!!!
    Good Day to Everyone.
    I'm clkwong@ and cho leung Kwong@ in Hong Kong.
    I have an imac and a macbook air , both of them is installed mac osx Marveicks.
    I download chroimium for mac Marveicks on both machines and install chrome remote desktop on both machines.
    When I have openned the chrome remote desktop and it was been logged in gmail account,  after accept the authority , then I choosed  the option in chrome remote desktop --> my computer.
    It needs to input pin (any 6 numbers) and input again , then ok.
    After that the cloud needed  to confirm the pin!
    And then I  used the macbook air and opened chrome remote desktop and choose the logged in gmail account computer and
    comfirmed the pin.
    Amazing, something happened, I could use the macbook air to operate the imac.
    For the above my experience of chrome remote desktop of chromium for mac osx Marveicksv use, I have an idea for remote access as follows :-
    1. I can use iphone 5 series with 4G lte/advanced and apple remote desktop App for ios 7 to connect to home's apple computer through icloud.
    2 . I can use iphone 5 series 4G lte and icolud with home's apple computer Internet share as wifi router to operate home's appliances which have wifi devices with App.
    3. I can use iphone 5 series 4G lte and icloud  to operate with home's apple computer for 4K video downloaded from website and stored in home's apple computer with usb 3.0 external Hard Disk.
    Thanks, Jesus loves.
    reported by clkwong@ in cloud!!!

    Hi Shay,
    Thank you for posting in Windows Server Forum.
    Please check that required ports is opened for remote desktop (port 3389)?
    Are you performing remote desktop with IP address or Hostname?
    Did you find any specific error for your case?
    Also there is required network connection available. If you can successfully connect with IP address then there might be issue with Hostname resolution for your server. From your description it also seems that there are some credential issue occurs for you.
    Please try with domain\username and verify. 
    You can also try URI scheme for connecting, for more detail refer this article.
    Remote Desktop Client URI Scheme Support
    http://technet.microsoft.com/en-us/library/dn690096.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Common Issues - Connecting (Remote Desktop) to Virtual Machine

    This posting contains a list of some of the common problems that have been seen in early usage of Windows Azure Virtual Machines. These topics can be used as a guide to resolve some of the most common problems that are likely to occur when first using Windows
    Azure Virtual Machines
    Potential issues that may be seen:
    1.) Remote Desktop endpoint is missing
    Each virtual machine that is created should have a remote desktop endpoint for the VM at port 3389. If this endpoint is deleted then a new endpoint must be created. The public port can be any available port number. The private port (the port on the VM) must
    be 3389.
    2.) RDP fails with error: "The specified user name does not exist. Verify the username and try logging in again. If the problem continues, contact your system administrator or technical support."
    RDP connection may fail when there are cached credentials. Please see the following article to resolve this problem:
    http://www.c-sharpcorner.com/uploadfile/ae35ca/windows-azure-fixing-reconnect-remote-desktop-error-the-specified-user-name-does-not-exist-verif/
    3.) Failure to connect to uploaded VHD
    When a VHD is uploaded to Windows Azure you must make sure that Remote Desktop is enabled on the VHD and an apporopriate firewall rule is enabled on the VM to open port 3389 (Remote Desktop port)
    Messages posted to this forum are provided "AS IS" with no warranties

    Yes we do have a few RDP connection issues that we are working to resolve. We have a few fixes that will be going out in the next two weeks that should solve some of these issues. If you are still seeing issues after restart and resize then please follow
    these steps:
    Start a unique thread in the forum (for our internal tracking)
    Send email to [email protected] with your subscription ID, Deployment ID and a link to the thread.
    Messages posted to this forum are provided "AS IS" with no warranties

  • Remote desktop fails, can still connect to event log and services.

     I am unable for some reason to remote into a machine that I've been able to before.  This occurred after it installed automatic updates.  At the moment I can connect to
    services and the event log from another machine with the same credentials, but I can't log onto the machine itself.  Is there any way to reset this info or such.  This machine is a part of a domain and can read credentials from the domain controller. 
    I also do know that remote desktop is enabled.
    The following error occurs in the even log on the affected machine.
    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          2013-03-21 10:28:23 AM
    Event ID:      5061
    Task Category: System Integrity
    Level:         Information
    Keywords:      Audit Failure
    User:          N/A
    Computer:      ****
    Description:
    Cryptographic operation.
    Subject:
        Security ID:        SYSTEM
        Account Name:        ****$
        Account Domain:        *******
        Logon ID:        0x3e7
    Cryptographic Parameters:
        Provider Name:    Microsoft Software Key Storage Provider
        Algorithm Name:    RSA
        Key Name:    TSSecKeySet1
        Key Type:    Machine key.
    Cryptographic Operation:
        Operation:    Decrypt.
        Return Code:    0xc000000d
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
        <EventID>5061</EventID>
        <Version>0</Version>
        <Level>0</Level>
        <Task>12290</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8010000000000000</Keywords>
        <TimeCreated SystemTime="2013-03-21T14:28:23.339874500Z" />
        <EventRecordID>937125</EventRecordID>
        <Correlation />
        <Execution ProcessID="500" ThreadID="548" />
        <Channel>Security</Channel>
        <Computer>**********</Computer>
        <Security />
      </System>
      <EventData>
        <Data Name="SubjectUserSid">S-1-5-18</Data>
        <Data Name="SubjectUserName">*******$</Data>
        <Data Name="SubjectDomainName">********</Data>
        <Data Name="SubjectLogonId">0x3e7</Data>
        <Data Name="ProviderName">Microsoft Software Key Storage Provider</Data>
        <Data Name="AlgorithmName">RSA</Data>
        <Data Name="KeyName">TSSecKeySet1</Data>
        <Data Name="KeyType">%%2499</Data>
        <Data Name="Operation">%%2484</Data>
        <Data Name="ReturnCode">0xc000000d</Data>
      </EventData>
    </Event>

     
    Hi,
    The following methods could be used to resolve some of the most common problems.
    Potential issues that may be seen:
    1.) Remote Desktop endpoint is missing
    Each virtual machine that is created should have a remote desktop endpoint for the VM at port 3389. If this endpoint is deleted then a new endpoint must be created. The public port can be any available port number. The private port (the port on the VM) must
    be 3389.
    2.) RDP fails with error: "The specified user name does not exist. Verify the username and try logging in again. If the problem continues, contact your system administrator or technical support."
    RDP connection may fail when there are cached credentials. Please see the following article to resolve this problem:
    http://www.c-sharpcorner.com/uploadfile/ae35ca/windows-azure-fixing-reconnect-remote-desktop-error-the-specified-user-name-does-not-exist-verif/
    3.) Failure to connect to uploaded VHD
    When a VHD is uploaded to Windows Azure you must make sure that Remote Desktop is enabled on the VHD and an apporopriate firewall rule is enabled on the VM to open port 3389 (Remote Desktop port).
    Hope this helps!
    Regards.
    Vivian Wang
    TechNet Community Support

  • Terminal: Stored Remote Connection with non-standard Port?

    Hi,
    I am new to MacOS and I am amazed by the integrated terminal. However, I sometimes need to connect to servers which use a non-standard SSH port, for example, 2020. I know that I can manually connect, but for convinience, I'd like to have a saved remote connection including the non-standard port. Is this possible somehow?
    Thanks,
    Felicitus

    I did some experimentation, using Terminal.
    Terminal -> New Remote Connection -> Service -> [+]
    now enter your own new service which includes
    /usr/bin/ssh -p 50022
    I found I had to enter a bonjour entry to get it to accept my new service, but once I did, I was able to use that new service with the custom -p 50022 port value.
    Your mileage may vary. I still prefer iTerm.
    Oh yea. In the future, Terminal and Unix oriented questions are better asked in the Mac OS X Technologies > Unix Forum
    <http://discussions.apple.com/forum.jspa?forumID=735>

  • How to use non-standard port for vnc?

    Our Windows users who use RDC to connect to their desktops from off-site come in on a non-standard port number. Part of our security setup.
    I'd like to do the same with Mac users who use screen sharing and vnc to connect remotely.
    How can I specify another port number at both ends to accomplish this?
    I can find nothing in the Network Utility app, or in the KB.
    Surely there's a short sequence of Terminal commands that will do this?

    I haven't tried this so don't know whether it will work. But I think it will. Presuming the target machine is a Mac, see if editing its /etc/services file will do it. Find the two lines that start with "vnc-server" and change the port number there. Launch Terminal.app as an administratively privileged user, sudo pico /etc/services, ^w to search for vnc-server, make the changes, ^x to exit, y to save and overwrite. Also, you will need to have screen sharing enabled in the target machine's System Preferences' Sharing, and the authorized users defined there, too. Reboot. Now, on the remote client, assuming it is also a Mac, the user would type ⌘k in the Finder (or mouse to Finder > Go > Connect to Server), and enter something like vnc://123.45.67.89:55900 where you substitute the actual IP address or host name for where I have entered 123.45.67.89, and where you substitute the actual alternate port number where I have entered 55900. Of course, in the clients' Screen Sharing's Preferences, they should choose to encrypt the entire session, not just the login. Like I said, I haven't tried this because I just tunnel my vnc stuff through ssh, but I'm thinking that this should work.

  • Using non-standard sshd port after 10.8 upgrade

    After spending hours tracking down this solution as a result of losing my ssh settings after the upgrade to Mountain Lion, I thought it might be useful to post the steps taken to restore the configuration I used with Snow Leopard.
    Changing the sshd default listening port
    Disclaimer: This tutorial is specific to Mountain Lion (OS X 10.8). I was able to accomplish this using Snow Leopard (OS X 10.6) in fewer steps, but upgrading required this more involved solution. 
    Steps:
    1.) You must first enable the root user account in order to change the relevant files. This can be done from the terminal, or by going to System Preferences --> Users & Groups. Once there, click on 'Login Options' at the bottom of the Current User list, and 'Join' where it says 'Network Account Server'.
    This will bring up a smaller window. Click on 'Open Directory Utility' at the bottom. You will be prompted for your admin password. Now go to the 'Edit' tab at the top of the screen and toggle down to 'Enable Root User'.  You will be prompted to enter your admin password twice.
    2.) Log out of your regular user account. At the log in screen you will now see an additional entry for 'other'. Click on that and log in with the username 'root' and your admin password. If are inexperienced as a root-level user, be careful as you can cause problems to your system can be difficult to undo.
    Once in your root account, the first step is to create a new 'service definition' in the etc/services file. Open the file with text editor of choice and scroll to the current entry for sshd listening port, which will look like this:
    ssh    22/udp    # SSH Remote Login Protocol
    ssh    22/tcp     # SSH Remote Login Protocol
    Overwrite the '22' with the port number you would like sshd to listen on:
    ssh    12345/udp   # SSH Remote Login Protocol
    ssh    12345/tcp    # SSH Remote Login Protocol
    *12345 being our hypothetical, non-standard port.
    It is important to note that the new port number will not take by simply adding a new uncommented line to the file (I tried), unless of course you comment the original ssh entries. Easiest way is just to overwrite what is there already. Save changes.
    3.) You now need to edit the ssh.plist file, which is located at /System/Library/LaunchDaemons/ssh.plist. A word to those familiar with Linux/BSD environments: changing the default port in the sshd_config file, which exists in OS X, does NOT change the listening port. Simply changing the default port, saving the config file, and restarting the server (the sensible way) won't work. The OS X sshd server (openssh) is configured to get launch instructions from the ssh.plist file, as opposed to sshd_config. If you are more interested in this aspect of OS X, read up on LaunchDaemons (e.g. launchd).
    Before altering the ssh.plist file, you should save a backup copy in case of mistakes, or if you need to revert back to it in the future. Name your backup file something like original.ssh.plist, etc.
    In the ssh.plist file, locate the SocksServiceName entry and change it from the default:
    <key>SockServiceName</key>
    <string>ssh</string>
    To the following:
    <key>SockServiceName</key>
    <string>$alternate port number</string>
    In our example from above this value would be 12345.
    4.) Save your changes, and exit ssh.plist. You now need to move the backup file you created (original.ssh.plist) out of the System/Library/LaunchDaemons path.
    The updated sshd port will not take until you have only one ssh.plist file in the LaunchDaemons directory - this has to do with how launchd is configured to load files which is outside the scope of the current discussion.  (*If you've found a way around this, please share.) 
    5.) Restart the sshd server. Easiest way to accomplish this is going to System Preferences --> Sharing and clicking off 'Remote Login', then clicking back on it. 
    6.) Test the configuration by logging into the machine running the sshd server from another host using:
    ssh username@ipaddress -p 12345
    There are a few good tutorials out there that capture some of these steps, but many are dated and/or incomplete. If you are running a standard setup of OS X 10.8, this should work for you.
    Of course, don't be fooled into thinking that changing the default listening port from the ubiquitously-probed 22 equates to actual security. At best, it will cut down on the number of dubious connection attempts and probing.

    Hi all, above helped me change the sshd port number, thank you very much.
    Just upgraded to OS X 10.9.3 on my macbook pro.
    My findings were:
    Step 1(become a root user or sudo)
    Step 2 (/etc/services)
    This may not be required unless you want ssh to work without the "-p XXXX" option to connect to other ssh hosts.  I favor such as "ssh -p 2222 user@hostname" just to be sure I know what I am doing and also to leave ssh known port as its default "22".
    Step 3 (/System/Library/LaunchDaemons/ssh.plist)
    This is required if you want to change the sshd port number, I changed both "ssh" to "2222" in this file.
    Step 4 (launchctl)
    Below is a must as I understood:
    launchctl unload /System/Library/LaunchDaemons/ssh.plist
    launchctl load /System/Library/LaunchDaemons/ssh.plist
    it should be already working with the new port number.
    You can "ssh -p 2222 user@localhost" in the console terminal and see if its working.
    Since I am no expert on MacOS X, and it is a macbook pro that I am using, I also rebooted the system and changes were reflected permanantly.
    Thank you guys!

  • Isakmp peers using non-standard port 4500

    Hello,
    I have a remote site using the Internet to access corporate networks over IPSEC. Set-up is as below:
    Remote Router uses public IP across internet --> hits corporate untrusted nework FW --> NAT'ed to private 10.x.x.x IP --> reaches trusted network router.
    The problem is that the peer keeps hanging and the only way to reset it is to issue 'clear crypto session' on the central trusted router. I have added isakmp keepalives with the aim of forcing some keepalive traffic:
    crypto isakmp keepalive 90 30 periodic
    ...and this works to some degree (with DPD are u there keepalives). However I have noticed that the far end router uses non-standard ports when trying to set up phase-1 tunnel:
    BEVRLY_D_CR184_01#sh crypto isa pee
    Peer: 161.x.x.x Port: 4500 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10456 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10554 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10557 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10580 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10589 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10596 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    Peer: 161.x.x.x Port: 10600 Local: 77.x.x.x
    Phase1 id: 10.2.0.92
    These ports (non-4500) will be blocked by our firewalls. Why does it use these, and is there a way of stopping the router using anything other than port 4500?
    Thanks
    Phil

    Hello,
    Yes - there's NAT at the trusted central router end our side of the firewall... the config used is below:
    Remote Router end:
    crypto isakmp policy 10
    encr 3des
    hash md5
    authentication pre-share
    group 2
    lifetime 180
    crypto isakmp key address
    crypto isakmp invalid-spi-recovery
    crypto isakmp keepalive 90 30 periodic
    crypto ipsec security-association idle-time 300
    crypto ipsec transform-set BEVERLEY_Transform esp-3des esp-md5-hmac
    crypto ipsec profile VTI
    set security-association lifetime seconds 1800
    set transform-set BEVERLEY_Transform
    interface Tunnel1
    description BEVRLY_CC296_01 F0/8 (10.30.45.29)
    ip address x.x.x.x 255.255.255.252
    ip helper-address 10.91.6.30
    ip helper-address 10.4.162.92
    ip mtu 1400
    ip ospf message-digest-key 1 md5
    load-interval 30
    tunnel source Dialer1
    tunnel destination
    tunnel mode ipsec ipv4
    tunnel protection ipsec profile VTI
    Central Router:
    crypto isakmp policy 10
    encr 3des
    hash md5
    authentication pre-share
    group 2
    lifetime 180
    crypto isakmp key address
    crypto isakmp invalid-spi-recovery
    crypto isakmp keepalive 90 30 periodic
    crypto ipsec security-association idle-time 300
    crypto ipsec transform-set BEVERLEY_Transform esp-3des esp-md5-hmac
    crypto ipsec profile VTI
    set security-association lifetime seconds 1800
    set transform-set BEVERLEY_Transform
    interface Tunnel1
    description link to Beverley via internet (BEVERLY_CR184_01 Tun1)
    ip address x.x.x.x 255.255.255.252
    ip mtu 1400
    ip ospf message-digest-key 1 md5
    load-interval 30
    tunnel source FastEthernet0/1
    tunnel destination
    tunnel mode ipsec ipv4
    tunnel protection ipsec profile VTI
    I believe the DPD keepalives ensure NAT is known and compatible (crypto isakmp keepalive 90 30 periodic) between the peers....
    Any help gladly appreciated....
    thanks
    Phil

  • Mailserver using non-standard smtp port

    how do i set SMTP to accept connections on a non-standard port (i.e. 2525 or something)?
    i'm running a mail server and my residential isp (comcast) after ten years of peaceful coexistence decided that they need to block port 25. so i am setting up a commercial store/forward mail relay service. all i need to do is set up my snow leopard server to accept incoming connections on a port other than 25. sounds easy. it is mentioned in the docs thusly:
    "By default SMTP is enabled on port 25. If port 25 is blocked in your environment,
    you need to change the port SMTP uses."
    ... but that's all i can find. specifically, it doesn't say exactly how to change the port.
    any help appreciated.

    following up to my own post. hoping this info may be useful for others who face the same issue who are running a server and then having email ports blocked by their ISP's.
    i worked around this by signing up for a mail relay service (i use the one provided by dnydns.com). they forward incoming mail for my domain over a nonstandard port.
    since i never received an answer to my question about how to make SnowLeopardServer email server accept SMTP connections on other ports, i simply used port mapping in my router (Airport Extreme) to redirect this port (i used 2525) on my WAN address to port 25 on my server - an acceptable workaround.
    i also did the same port redirection for the other "standard alternative" smtp ports, 465 and 587.
    since my ISP blocks port 25 in both directions, i also needed to find a work-around for outgoing mail as well. previously, my mail server simply forwarded to my ISP's smtp server (using the default port 25). here the Server Admin interface worked but with one "trick": under Mail>Settings>General, i left the box for "Relay outgoing mail through host:" checked, and in the field there i put "[smtp.myispdomain.net]:587" (that is with square brackets, and a colon, but no double-quotes - and of course, use your own smtp server's domain name). afaik this is not documented anywhere in the apple-provided docs, but i found the corresponding docs for postfix, and reverse-engineered it.
    so now i can read (via IMAP) and send (via SMTP) mail from my home server, both when i am on my LAN and when i am accessing remotely, and effectively work around the bi-directional block of port 25 imposed by my ISP.
    i'd still like to know if there is a method of configuring smtp to accept connections on ports other than 25. i can see how to do it by editing /etc/postfix/master.cf, but afaik that file gets overwritten by Server Admin...

  • Version 8 blocks http on non standard ports i.e. 8080

    Version 7 handled http on both port 8080,8081 and 8082 but only text is passed after version 8 update. Is there a way to re-enable http on non standard ports? If you save the text file to the desktop and load it from there the html is processed correctly? Is there a directive besides "html" that could be place on the web pages to force html rendering on the odd ports. Version 8 works with port 4135 from Jefferson labs speed test.

    See:
    *http://www.mozilla.org/projects/netlib/PortBanning.html
    *http://kb.mozillazine.org/network.security.ports.banned.override

Maybe you are looking for