Can't get Remote Desktop to work at, well, work

Discussion in 'Tomato Firmware' started by noaxark, May 15, 2009.

  1. noaxark

    noaxark Addicted to LI Member

    After the resident router broke in our small office, I installed a WRT54GL with Tomato as a replacement, and it's been working great except for this one thing: I can't for the life of me access a desktop remotely through WAN.

    I've been using the standard Windows RDP client, which I'm told worked before the router switch (no pun intended), and I have forwarded port 3389 is forwarded to the correct computer, and I've ensured the computer is listening for RDP connections on that port. I've tried enabling DMZ for the target computer, and I've disabled and even uninstalled its software firewall to no avail. RDP works fine via LAN, though, for some reason.

    Does anyone know what could be the issue here?
  2. fyellin

    fyellin LI Guru Member

    One crazy possibility. If you are using a cable modem and haven't paid extra for a static IP address, it's possible that you got a new IP address when you switched routers. Are you accessing the desktop using the old IP address? Is your DNS entry up to date?

    If that fails, it might help us to debug your setup if you show us your iptables, the result of Admin >> Debugging > Download iptables.
  3. Thrasher

    Thrasher Network Guru Member

    Could also be the PC has no gateway set?
    Can the PC access the internet etc?
  4. noaxark

    noaxark Addicted to LI Member

    Upon switching routers, I double checked that the IP didn't change and that our DynDNS server was up to date. I've tried accessing it using both the IP and the DynDNS address to no avail.

    See below for the iptables.txt attachment. The IP of the computer in question ends with .104.

    The PC can access internet fine, though I haven't manually set its gateway.

    Attached Files:

  5. Vezado

    Vezado LI Guru Member

    Are you forwarding tcp & udp? just trying to throw out some more guesses... (And the forwarding is actually enabled and not just present, right? :) I've done that before...

    I'd be tempted to go for TomatoVPN and skip the port forwarding all together. I avoided VPN for a long time because i didn't know much about it, but now i'm much happier having it up and running and using RDP over a more secure channel. It's also nice to know that 0 ports are open to the world, all ports scan as 'stealth' now.
  6. noaxark

    noaxark Addicted to LI Member

    Heh, yes, they are both forwarded and enabled -- I missed it at first, indeed, hehe, but to my surprise it didn't work after I fixed it either.

    VPN may be an option for the person working from home, but a company handling our financing software needs remote access as well, and I have no control over their network.
  7. Vezado

    Vezado LI Guru Member

    You could still use the port forwarding for the financial software and use vpn for rdp, file sharing, router admin, etc. Plus then you have access to the company printers and can scare the last person at work by sending creepy print jobs.

    Any chance your firewall on the host is configured to allow rdp on the local subnet only? it's not the default config, but perhaps it was changed. can you rdp to any machines at all?
  8. TheGIZ

    TheGIZ Network Guru Member

    Get on the LAN and RDP to the computer.
    (could be the computer it self... not set up for connections, firewall, etc.)

    Check and post screen shot of port forwarding screen.

    Set a static DHCP for the computer that you need to RDP too.

    Set Forwarding Table to reflect this IP address.

    (I use the Tomato VPN everyday... Thanks to Roadkill, Sgt. Pepper and everyone else involved.)
  9. noaxark

    noaxark Addicted to LI Member

    Perhaps, but then the forwarding problem still remains. :/

    I don't think so, but I might misremember testing that. I shall test it again when I get time (gotta run off after posting), but for now you may assume it's the same on all machines.

    As for TheGIZ's post:

    Get on the LAN and RDP to the computer.
    Result: Works, as I've stated earlier.

    Check and post screen shot of port forwarding screen.
    Result: [​IMG]

    Set a static DHCP for the computer that you need to RDP too.
    Result: Already done. Confirmed at computer via ipconfig.

    Set Forwarding Table to reflect this IP address.
    Result: Done, as per screenshot above.

    Thanks for the help so far. Hope we can nail this sucker.
  10. Vezado

    Vezado LI Guru Member

    I always explicitly define external and internal ports, despite the examples. Besides, i would highly recommend against exposing 3389 to the outside world. Use a high number port and then specify it on the rdp client


    EDIT: There's your problem! Have another look at your source address :) Leave it blank or specify a range where you're forwarding FROM..
  11. noaxark

    noaxark Addicted to LI Member

    duh! I am ridden with shame. :D

    The port was temporarily set to 3389 to eliminate any implications from an altered port during troubleshooting, especially since it was confirmed to work on that port with that computer back when somebody else administrated the network with the old router. I will change it once I can confirm it works.

    Thank you for your help everyone. I'll update this post when I've had a chance to fix the problem.

    Edit: Yep. It's working fine. Tried from a computer way over in the UK. Cheers! :)
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice