Rowland Costin
2006-01-11 12:45:47 UTC
Hi
I have a remote network to my offices. It's an Active Directory, using a PDC
server and a Terminal server and some smaller database servers. This network
is only ever accessed by remote clients, no local LAN clients. It has a
Cisco Pix 506 firewall.
So far I have had no problems. The remote users at my office can access
through our firewall (Firefox) and in through the Cisco without problem
using RDP.
I have a remote client elsewhere in the UK. They need to log onto this
network. I have sent them an RDP file already set up, (Tested at this end
ok). However, they cannot access my remote server using RDP through their
firewall. (Not sure yet what it is)
The Terminal server is accessing as standard using port 3389. I ran a TCP
port scan program on my PC while connecting to this remote server and this
confirms the server is listening on 3389. I have multiple other servers
here at my local LAN and connected to them as well. The scanner showed that
the RDP on my machine seems to vary the local port connection from my PC,
from about port 1646 to 1760.
Questions:
1) Is there a specific port range for the local port that RDP uses to go out
from the client PC? e.g. 1650 - 1800 maybe?
2) I know the client's firewall is extremely locked down, but they say they
have opened TCP port 3389 on the firewall, does RDP need anything else, UDP
etc?
3) They claim to have connected to my remote server ok with RDP when
bypassing the firewall. But I don't know if it is the same PC as they are on
the other side of the country to us, so I haven't visited them yet. Can any
settings on the Desktop PC they are using have been closed down to prevent
getting from the PC to their firewall in the first place? e.g. would Windows
XP firewall shut these ports?
Their support people are based in their head office in Norway, so it's
proving a bit difficult to organise information and things to try.
Anything else you can think of would be greatly appreciated.
Regards
Rowland Costin