RE: Access to remote ISA 2004 server via RDP no longer working

  • From: "Rob Moore" <RMoore@xxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 22 Feb 2006 12:57:36 -0500

Yah, I checked that out this morning. (See this morning's post.) It was
correctly configured. I unchecked it, applied it, then re-checked it and
applied that. I was then able to RDP to the ISA server from the
webserver behind it. But when I got back to my desk, I couldn't RDP
directly to the ISA box. I tried RDPing into the webserver--success--and
then RDPing into the ISA server--no success. That's where I'm at now.

Even when I was able to RDP into the ISA box, it still didn't list
"3389" as a port it was listening on.

Rob

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Wednesday, February 22, 2006 12:12 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Access to remote ISA 2004 server via RDP no
longer working

http://www.ISAserver.org

I make that your TS service isn't configured.
Computer Properties, "Remote" tab.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Rob Moore [mailto:RMoore@xxxxxxxx]
Sent: Tuesday, February 21, 2006 12:31
To: [ISAserver.org Discussion List]
Subject: RE: [isalist] RE: Access to remote ISA 2004 server via RDP no
longer working

OK, I'm now at our remote site. When I do a "netstat -ano -p tcp"
there's nothing listening on port 3389. Here's what I get:
Proto  Local Address          Foreign Address        State           PID
TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       956
TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:1029           0.0.0.0:0              LISTENING
1584
TCP    0.0.0.0:1039           0.0.0.0:0              LISTENING
1908
TCP    0.0.0.0:1051           0.0.0.0:0              LISTENING       696
TCP    0.0.0.0:1052           0.0.0.0:0              LISTENING
1044
TCP    0.0.0.0:1054           0.0.0.0:0              LISTENING
3680
TCP    0.0.0.0:1056           0.0.0.0:0              LISTENING
3636
TCP    0.0.0.0:1311           0.0.0.0:0              LISTENING
1908
TCP    0.0.0.0:1723           0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:3847           0.0.0.0:0              LISTENING
1664
TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING
1908
TCP    66.150.232.139:80      0.0.0.0:0              LISTENING
3636
TCP    66.150.232.139:80      63.138.24.67:45303     ESTABLISHED
3636
TCP    66.150.232.139:80      68.142.250.208:55628   TIME_WAIT       0
TCP    66.150.232.139:80      68.142.251.89:37994    TIME_WAIT       0
TCP    66.150.232.139:139     0.0.0.0:0              LISTENING       4
TCP    66.150.232.139:5354    0.0.0.0:0              LISTENING
3636
TCP    127.0.0.1:53           0.0.0.0:0              LISTENING
1584
TCP    172.17.201.9:139       0.0.0.0:0              LISTENING       4
TCP    192.168.200.1:53       0.0.0.0:0              LISTENING
1584
TCP    192.168.200.1:139      0.0.0.0:0              LISTENING       4
TCP    192.168.200.1:1059     192.168.200.2:445      ESTABLISHED     4
TCP    192.168.200.1:1121     0.0.0.0:0              LISTENING
3636
TCP    192.168.200.1:1167     192.168.200.2:389      CLOSE_WAIT
1116
TCP    192.168.200.1:1745     0.0.0.0:0              LISTENING
3636
TCP    192.168.200.1:4318     192.168.200.2:80       ESTABLISHED
3636
TCP    192.168.200.1:4538     192.168.200.2:135      TIME_WAIT       0
TCP    192.168.200.1:4539     192.168.200.2:135      TIME_WAIT       0
TCP    192.168.200.1:4540     192.168.200.2:1026     TIME_WAIT       0
TCP    192.168.200.1:4557     192.168.200.2:1026     TIME_WAIT       0
TCP    192.168.200.1:4560     192.168.200.2:389      TIME_WAIT       0
TCP    192.168.200.1:4561     192.168.200.2:389      TIME_WAIT       0
TCP    192.168.200.1:4565     192.168.200.2:139      TIME_WAIT       0
TCP    192.168.200.1:4653     192.168.200.2:80       ESTABLISHED
3636
TCP    192.168.200.1:8080     0.0.0.0:0              LISTENING
3636
TCP    192.168.200.59:139     0.0.0.0:0              LISTENING       4
 
What do you make of that?
 
Thanks,
Rob

________________________________

From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Fri 2/17/2006 10:50 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Access to remote ISA 2004 server via RDP no
longer working



http://www.ISAserver.org

"abortively closed" is one side of the connection (client or server)
that is slamming the door on the connection be sending a RST instead of
the expected SYN_ACK.
This usually happens because the application / service is not listening
on the destination port and the TCP stack does the right thing by
telling the client to bugger off.
What is the output from "nststat -ano -p tcp" at the ISA?

-----Original Message-----
From: Rob Moore [mailto:RMoore@xxxxxxxx]
Sent: Friday, February 17, 2006 7:30 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Access to remote ISA 2004 server via RDP no longer
working

http://www.ISAserver.org

Hello all--

I have a remote ISA 2004 server (on Win2k3 SP1, was ISA SP1, now is ISA
SP2) at a colocation facility. I also have an ISA 2004 server (on Win2k3
SP1, ISA SP1) here in the building. Behind the remote ISA server is a
web server. There is a VPN connection between the two ISA servers.

Up until this week, I have been able to RDP from here to both remote
servers. I could RDP to both servers over the VPN or without it, for
those times when the VPN has broken.

I don't know exactly when I stopped being able to RDP. I first
discovered it this week, right after I applied the latest MS security
patches to my computer. I was then going about applying them to my
servers. I got into and applied them to the remote web server. But I
couldn't get into my remote ISA server. I can still RDP to the remote
web server, both over the VPN and not over the VPN. When I try to RDP to
the ISA server, I get this error at my workstation:
"Remote Desktop Disconnected
The client could not connect to the remote computer.
Remote connections might not be enabled or the computer might be too
busy to accept new connections. Blah blah blah."

So this morning I went over to the colocation facility. I monitored
attempts to get in via RDP. Then I tried applying all the MS updates
(except for ISA SP2) and rebooting. RDP attempts got the same result.
Then I tried applying ISA SP2. RDP attempts yielded the same result.

Examining the logs on the remote ISA server shows me that it is NOT now,
nor was it before, denying the connection. Instead I'm getting the
result code "0x80074e21". When I Google that, I get to a Microsoft web
page with lots of error codes, including that one on ISA, and it says "A
connection was abortively closed after one of the peers sent a RST
segment."

Does that sound familiar to anyone? Any ideas about how to approach this
problem? It's complicated by the fact that, now that RDP to the ISA
server isn't working, I have to take a 30-minute trip to the colocation
facility if I want to get my hands on the server.

One thing I didn't think of trying until I'd left the facility was
RDPing from the web server to the ISA server.

Thanks,
Rob

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rmoore@xxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rmoore@xxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 02-2006