Remote Desktop in Server 2012 is inaccessible from outside of LAN

We have a server 2012 machine it was setup and accessible via Remote Desktop for months.  A few days ago we wiped it and did a fresh install of Server 2012.  Now we can not remote to the server from outside of the LAN, even though it is setup exactly
as it was before. 
Here is a checklist of things I have checked while trying to figure out the break:
Router/firewall is forwarding port 3389 to the correct internal static IP of the server.  Port forward test tools online confirm the port is open.
Windows firewall is set to allow all connections for Remote Desktop on 3389.  Also tried turning off firewall completely, does not fix the issue.
Allow remote connections is enabled in System Properties, and users have been added to the list of allowed user
Additional info:  The server is also a standalone Active Directory and Domain Controller.
Remote desktop connections work fine while in the office on the LAN.  When remoting to the external IP, it doesn't work, even though it did only days before we re-did the server.
Thanks!

What should I check in AD?  I am by no means an expert with AD.
Yes, I am using the same client OS.
I am talking about RDP over the internet, like from home to the office.  We have a static IP assigned to the router from ISP.  A static internal IP assigned to the server on the LAN.  And the router port forwards 3389 to the assigned IP. 
It was working fine before we reinstalled Server 2012.  These are the steps I took when reinstalling:
1. format drive and install OS
2. rename the server
3. install SQL server
4. Install TFS and SharePoint
5. Add Active Directory role and promote to Domain Controller
6. Add domain users
7. Enable remote access on the server and add users to remote access list

Similar Messages

  • Remote Desktop Connection Server 2012 Clients only using on DC as Logon Server.

    I am using Server 2012 and have an RDC Server running on a VM.  Originally I had ordered the licensed version as Essentials was provided to me which does not allow for a full domain environment, which is required for the RDC server.  Anyway, I
    used Eval versions to get started, not thinking or realizing that the DC would never be able to get Activated since it is an Eval.  So after 4 days I have finally, loaded Server 2012 on a new VM, promoted to DC, Transferred FSMO roles...DNS is up and
    replicating across both DC's. The Eval keeps shutting off and was going to demote it and remove, but whenever it is shutdown the Clients receive a "No Logon Servers are available " error.  I start up the old DC and it works.  I doublechecked
    all of the roles have been moved, I checked the RDC gateway, everything points to the same Domain information, but when I check an account using 'CMD set' it shows the old DC as the Logon Server.  Is there something I am missing in the RD Gateway or somewhere
    else.  Is there a way to force it to use the new DC?   I have tried setting the options in remote desktop connection to use a particular TS Gateway setting and it doesnt seem to work.   Can someone please help me think about this and offer a
    suggestion or let me know if you need more info.  I can figure nothing else out at this point.
    Thanks so much in Advance.
    -T

    it sounds like your clients / rdc servers may still be pointing to the old DC for DNS.
    Can you check you have updated DNS on the clients to talk to your new domain controller.
    Regards,
    Denis Cooper
    MCITP EA - MCT
    Help keep the forums tidy, if this has helped please mark it as an answer
    The new DC is the only DNS server listed on the RDC Server and is the only DNS listed for the clients other than the gateway which have as a secondary.  If I change the static on the old DC I cannot login, as soon as I put it back, I can login and it
    shows that DC as the logon server.    
    I did a simple recursive test on both DNS servers....The new Domain Controller passes, the Old One which I am trying to remove, does not.
    I will reply with any other updates as I continue to look into this and thanks for the suggestions.
    So I also Pinged the domain from the RDC Server as suggested and it replies back with the old DC IP.
    Not sure why.

  • Cannot run more than one instance of a remote app in remote desktop services Server 2012

    All,
    I installed "Remote Desktop Services (RDS) Quick Start Deployment for RemoteApp, Windows Server 2012 Style" using the instructions here http://blogs.technet.com/b/yungchou/archive/2013/02/07/remote-desktop-services-rds-quick-start-deployment-for-remoteapp-windows-server-2012-style.aspx
    I need to set up an image viewing program (Olyvia) to allow students using Macs and iPads access to this windows only application in order for them to get their work done.  We may have 12 or more students accessing and trying to run the Olyvia application
    at any one time.
    All works good, except that I cannot run the Olyvia application (setup as a remoteapp program) more than one instance at a time.  That is, when I start up "olyvia" on a Mac, it works great.  If I leave it up and running, and then try
    and start up "olyvia" on an iPad (using different accounts), I get the following error message:
    "Cannot run more than one instance of this program simultaneously.  Either the program is already running, or it has not been terminated completely."
    I need to understand the root issue.
    1.  Is this a licensing issue?  So, I need to add some CALs to the RDS server?
    2.  Is this a application issue with "olyvia"?  So, no matter what I do, it is not going to be able to be used by more than one person at a time when configured as a remoteapp?
    3.  Did I not "publish" the application correctly?
    4.  Is this happening because I followed the "quick start" guide?
    Appreciate any help I can get on this.  We have no problem getting CALs, I just need some help with the root issue.
    Thanks,
    Geoff Weatherford
    CVMBS, CSU

    Hi Geoff,
    Each application uses different techniques for determining if multiple instances are running.  If you can determine what method it is using then perhaps you could use App-V or other virtualization software.
    In the best case you really should direct your question to the maker of Olyvia.  The reason I said that is they specifically designed their software to prevent multiple instances, so the first question is, why?  Is it related to Licensing? 
    Compatibility?  If you knew the specific reason(s) why they are doing it and the technique used then at the point using a virtualization technique may be the best option.
    -TP

  • Extract data from remote desktop(presentation server)

    Hi friends,
       How to import and export  data from remote desktop (presentation server) to my sap server.
    I have user name password of the remote desktop(presentation server)
    Please guide me.
    By
    Raju

    Hello
    Question is not clear to me...
    Thank u,
    santhosh

  • Setting Up Remote Desktop Services Windows 2012 DMZ

    Hi
    I'm new to the Windows 2012 RDS. I am trying to figure out some things.
    I have an application that I would like to publish to the outside world to our customers.
    Im thinking of using Windows 2012 remote desktop services and publish the app via web browser. So users go to the URL and see the application.
    Do I need a client brooker and gateway server for this setup? or can i simply deploy a web access server on the dmz which then connects to my remote session host server inside?

    Hi,
    To allow outside access into your RDS environment you would need to use the RD Gateway role. This can be configured on the same box as your RD Web Access role if resources are limited.
    The RD Gateway role uses ether TCP 443 or UDP 3391 depending on what you have chosen to configure. You need to create a port forwarding rule from and to the gateway box using 443.
    Have a look at the following articles:
    http://ryanmangansitblog.com/2013/03/27/deploying-remote-desktop-gateway-rds-2012/
    http://ryanmangansitblog.com/2013/03/10/configuring-rds-2012-certificates-and-sso/
    This should assit with the configuration.
    Best regards,
    Ryan Mangan | Ryanmangansitblog.com | Help keep the forums tidy, if this has helped please mark it as an answer

  • How to issue a self-signed certificate to match Remote Desktop Gateway server address requested

    I have an RDG server named gw.domain.local with port 3389/tcp forwarded from
    gw.example.com.
    Using RDGM snap-in I created a self-signed SSL certigicate with FQDN gw.example.com.
    But when I connect over RDP from outside the local network I'm getting an error:
    Your computer can't connect to the computer because the Remote Desktop Gateway server address requested and the certificate name do not match
    Because certificate subject name is gw.domain.local indeed.
    So there question is: how to issue a certificate properly, or how to assign an existing one the name to match?

    Hi,
    Thanks for your post in Windows Server Forum.
    The certificate error which you are facing seems like certificate mismatch error, something like the security certificate name presented by the TS Gateway server does not match the TS Gateway name. You can try reconnecting using the FQDN name of the TS Gateway
    server. You can refer below article for more troubleshooting.
    TS Gateway Certificates Part III: Connection Time Issues related to TS Gateway Certificates
    And for creating a SSL certificate for RD gateway, you can refer beneath articles.
    1.  Create a Self-Signed Certificate for the Remote Desktop Gateway Server
    2.  Obtain a Certificate for the Remote Desktop Gateway Server
    Hope it helps!
    Thanks,
    Dharmesh

  • IMac at work, iMac at home. (Latest Yosemite and Apple Remote Desktop updates installed) Need to work from home at night. I don't know how to set my permissions so that I can just control my iMac at work.

    iMac at work, iMac at home. (Latest Yosemite and Apple Remote Desktop updates installed) Need to work from home at night. I don't know how to set my permissions so that I can just control my iMac at work.

         If they have set up port forwarding for you already then that is different.  In that case, then you could be experiencing the bug with the most recent release of ARD (3.7.2) and in particular ARD 3.7.2 and Yosemite ARD version 3.8 clients.  It has been reported numerous times in the forums and to Apple that since 3.7.2, clients are frequently unavailable to connect to despite there being no network issue between the remote computer and client computer.  I have not seen anyone report it who was working from outside the LAN to inside the LAN, but I have the same issue with a number of my own computers that are simply on a different subnet, so it stands rot reason that it would happen from a port forwarding location.
         I am sometimes able to resolve the issue locally by SSH connecting into the client computer using Terminal on my admin machine and restarting or relaunching the ARD agent on the remote device, then trying to connect to it again after about 30 seconds.
    The Terminal commands for this procedure are as follows, though you might need to include a port number from outside the LAN:
    First:
    ssh ipaddress -l adminusername
    (example: ssh 192.168.1.1 -l macadmin)
    Second:
    sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/k ickstart -restart -agent
    After that, waiting about 30 seconds and trying to observe or control usually works, though the computer may still fail to show an online or lit-up status indicator.

  • Wake sleeping computer from outside of LAN...?

    Hello.
    I use Timbuktu to remotely access my home computer from work and my work computer from home. I'd like to not have to leave my computer on at home all day, but once it's set to sleep, Timbuktu can't access it. Is it possible (via 3rd party app perhaps?) to wake a computer remotely from outside the LAN? I am able to do this from within the LAN, but this doesn't help when trying to do the same from a machine outside the LAN.
    Any suggestions?
    Thanks,
    Kristin.

    You need a router that has the ability to send a "magic" packet to a MAC address that you specify. Most new routers can't do this. The IOGEAR GWA504 wireless router can do this to a computer connected via a LAN cable but not by wireless. Very old SMC routers also had this capability. You login to the router from the WAN side and tell it to send a wake-up packet to a specific MAC address.

  • Remote Desktop disconnected because of security error from Windows 8.1 Surface to Server 2008

    Hello,
    I am trying
    to connect to a remote app on a 2008 server from a surface pro 3 with 8.1
    through Netilla SSL VPN and I getting the following error message.
    Remote Desktop Disconnected
    Because of a security error, the client could not connect to the remote computer Verify that you are logged on to the network and then try connection again
    if I am connected to the network and use the RDP file, it connects fine.
    This
    was previosluly working, but when I changed the terminal server to per user
    license mode from trial mode this happen
    This works fine from Windows 7 machines.<o:p></o:p>
    Any ideas?
    Thanks,
    Derek

    Hi Derek,
    Thank you for posting in Windows Server Forum.
    From the error itself it seems that there is some network connection issue with VPN. Kindly see that you get network when you are using VPN connection, also VPN must be running. You can also try to “ping” the remote computer and see whether there is successful
    ping result.
    Also try to use “Allow connections from computers running any version of Remote Desktop” option on server side and check whether you can remote desktop successfully. 
    Apart this issue can also be caused due to certificate as VPN can’t resolve the certificate properly and facing this issue because you are facing issue only with usage of VPN (as you have commented). Please check
    this link for detail.
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Using SQL stored procedures How to get the list of .rar files from e:\Tempbackup directories from the different remote desktop windows server and delete the .rar files which contains the current month and date

    Concept:
    Every month i need to find the list of .rar files from the
    E:/TempBackup directory from the different environments (remote desktop servers) and i need to delete the current month
    .rar files alone from the respective (E:/TempBackup) directory. below is example files structure inside the
    E:/TempBackup.
    example:
    zDROP_2014_08_31_Backups.rar
    zDROP_2014_09_31_Backups.rar
    zDROP_2014_10_31_Backups.rar
    from the above list i need to delete the zDROP_2014_08_31_Backups.rar(current month) file alone and also logs should be capture for this deletion.
    key words for this are zDROP and Current month and date.
    i need a stored procedure for this concept. could you please help on this.

    Hello,
    You can schedule an operating system task (Control Panel -> Schedule task) to either call a batch file or a PowerShell script.
    Please read the following resources for examples:
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/61373719-fffb-4d94-bdbe-7d8ed8620b44/delete-filesfolders-on-remote-servers-using-powershell?forum=winserverpowershell
    http://www.networknet.nl/apps/wp/archives/943
    http://jeffwouters.nl/index.php/2011/10/powershell-script-to-delete-files-older-that-a-week/
    Hope this helps.
    Regards,
    Alberto Morillo
    SQLCoffee.com

  • Dictionary Option in Word 2013 Standard on Server 2012 R2 Remote Desktop Services Server

    We have a customer running Server 2012 R2 RDS with Office 2013 Standard. They are licensed for Office 2013 via Office 365. Office 2013 Standard is installed on the server via a using the Volume license as directed by MS. 
    Each user has a Microsoft Office 365 account.
    When the user attempts to use the Right Click -> Define Option in MS Word, the user is prompted to sign in so they can select a dictionary. 
    This is where the problem begins. The login process does not accept the users Office365 account. I was able to create a new Microsoft account (using the same email address as the Office 365 account) and select a dictionary.
    Is this the only method to get the dictionary to work? All 100 users must create another Microsoft account and use that to select a dictionary?

    Hi,
    What Word prompts when user attempts to login with the original account? Any error messages?
    Since the feature will work if you create a new account, have you ever compared the property of these two accounts? Maybe the security or permission setting during the creation process?
    We lack testing environment here for this kind of issues, and we have another dedicated support teams in
    Microsoft Office 365 Community. I would suggest you to post there, where you can get more experienced responses:
    http://community.office365.com/en-us/f/default.aspx
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
    Thanks,
    Ethan Hua CHN
    Forum Support
    Come back and mark the replies as answers if they help and unmark them if they provide no help.
    If you have any feedback on our support, please click
    here

  • Unable to Change Screen Resolution in Remote Session - Windows Server 2012 R2

    Does anybody know of a way to allow Remote Desktop users to adjust their own screen resolution in a remote session under Windows Server 2012 R2? We are struggling with this and can't seem to find a solution.
    When users login to their RDP session and try to adjust their screen resolution this message is displayed in Control Panel:
    "The display settings can't be changed from a remote session."
    We don't want to use the "make text and other items larger or smaller" scaling feature, as this produces undesirable results with some of our applications.  We also don't want to have to support multiple types of RDP clients or RDP shortcut
    files.
    We have looked at other posts but can't find an answer that applies to Windows Server 2012 R2.  The closest thing we could find is KB2726399, but it only applies to Server 2008.
    Does anybody have a solution for Server 2012?
    Thanks

    Hi,
    Currently you cannot change the resolution from within the session.  This is normal and expected behavior.  
    Unfortunately this means you need to set the desired resolution before connecting by using custom .rdp files, manually within the Remote Desktop Client, custom web launch page, custom windows launch program, etc.
    -TP

  • Remote Desktop Licensing Server for multiple deployments

    Hi all. I'm towards a project of implementing 4 deployments of RDS in branch offices and 1 in head office. Those tend to be VMs on Server 2012 R2. 
    I've began collecting info from technet and even found that great post: 
    http://blogs.technet.com/b/yungchou/archive/2010/01/04/remote-desktop-services-rds-architecture-explained.aspx
     but I still can't figure out if I'm to use separate licensing server for all deployments or there is a possibility to use a single one for 5?

    If all machines are in the same domain a single license server will be fine. you will just need to add the licence server to your individual deployments via server manager. We have a single license server for 2003TS, 2012RDS 2012citrix VDI and 2008 Citrix
    XenApp

  • Log into a virtual machine on server 2012 r2 datacenter from a windows 8.1 client login

    Hello,
    I have set up a VPN on Windows Server 2012 r2 Datacenter using Hyper-V. Everything seems to be functioning ok using the Hyper V platform. I would like to know if it is possible to connect to a virtual machine on the VPN from a Windows 8.1 client using the
    widows login and if it is then how to go about it. If I could have some links to tutorials etc I would be greatful. I have not been able to find anything and I have been looking for days. I would really appreciate some assistance. Thanks in advance.
    Ed

    Hi Ed,
    I am sorry to say that I am not quite sure of your requirement. Is the Windows Server 2012 R2 computer a host server in Hyper-V? Did you mean that you want to RDP into a Hyper-V VM from a Windows 8.1 client? If yes, you need to allow Remote Desktop Connections
    in guest OS. The network adapter type must allow communication with host machine and network discovery mode and the services supporting network discovery mode must be turned on.
    Best regards,
    Susie
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

  • RDWeb and Remote App access - Server 2012 R2

    Hi Folks,
    Here is my scenario. I currently have 1 RDS 2K12 server with all roles but licensing installed. I have configured the gateway to use server.externaldomain.com as its address. I have also set the SSL port in the gateway config to use something other than
    the standard 443 port. I have the firewall set to forward the non standard SSL port, the standard SSL port and the UPD port of 3391 to the RDS server. 
    I can get to the RDweb page and log in with no problems, but i can't connect successfully when i launch a remote app. it simply gives me an error saying that the gateway address is incorrect. When i set the gateway back to use the standard SSL port, things
    work fine.
    Has anyone gotten a non standard SSL port to work?
    Thanks.
    Colin Stewart

    Hi Colin,
    Based on my research, Remote Desktop Protocol version 7.x does not support changing default SSL port for RD Gateway Server.
    You may verify this by connecting from a Remote Desktop Client that supports Remote Desktop Protocol 8.x.
    More information for you:
    Running RD Gateway on a different port then 443 (Windows Server 8)
    http://microsoftplatform.blogspot.com/2011/10/running-rd-gateway-on-different-port.html
    Changing the Default Port of RD Gateway in Windows Server 2012
    http://social.technet.microsoft.com/wiki/contents/articles/10972.changing-the-default-port-of-rd-gateway-in-windows-server-2012.aspx
    Best Regards,
    Amy
    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

Maybe you are looking for