Remote Desktop within home network restricted by Internet connection


  1. Posts : 16
    Windows 7 Professional 64 bit and 32 bit
       #1

    At some stage, Remote Desktop Connection (within my home network) from my Toshiba laptop running Win 7 Pro 32 bit to my Custom desktop running Win 7 Pro 64 bit stopped working using the desktop's computer name. At the time I was too busy to track down the reason. After some checking I have found that if I disconnect my router from the phone line, it works!
    Here is the detail:
    When I RDC using the computer name I get an error "Remote Desktop can't connect to the remote computer..." [When I check the current IP address of the desktop and use it in RDC, I get a login prompt; as soon as I login I get an error message about the validity of the desktop's security certificate. I can bypass this and connect ok. However, I don't want to have to keep checking for the current IP address of the desktop....]
    By elimination, I found that if I disconnected my router from the Internet by unplugging the phone line, I could easily connect (but with the same security certificate error).
    I then suspected some software must be the culprit. I turned off my Windows firewall, Avast antivirus and Spybot and tried again, but this did not solve it.

    I am not sure what to do next. I have discounted the security certificate error. It says that it is not from a trusted certifying authority.
    Any help appreciated.

    John


  2. Posts : 5,941
    Linux CENTOS 7 / various Windows OS'es and servers
       #2

    Hi there
    You need to enable PORT forwarding on your router -- Can't remember but I think the port is something like 3389 - also allow it through any firewalls.

    One of the problems with RDP is that if you want to access SEVERAL machines remotely on the same network then you need to fiddle the port numbers and route the correct port to the relevant machine - you can't route the SAME port to different machines - however accessing a specific SINGLE machine is easy enough.

    Also to other users reading this post -- the remote computer can only be accessed if it's a Windows PRO version or higher (Ultimate / Enterprise). Home premium won't work - Home premium only allows your computer to work as a CLIENT.

    I think also your networking setup needs to set DHCP as well on the router otherwise you will have to remember the actual LOCAL IP addresses of your machine (the IP addresses on your LAN). Windows Networking should remember the computer names on your LAN.

    To access from OUTSIDE your LAN the port forwarding is required since to the OUTSIDE your service provider's IP assigned address is what you see on the Internet and the RDP needs to be routed to the correct computer -- this gets a bit messy when your provider gives you dynamic IP addresses - but there are solutions for that like DynDNS.

    (Note TCP port for port forwarding if your router requests PORT TYPE)

    Cheers
    jimbo


  3. Posts : 2,298
    Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
       #3

    john265 said:
    At some stage, Remote Desktop Connection (within my home network) from my Toshiba laptop running Win 7 Pro 32 bit to my Custom desktop running Win 7 Pro 64 bit stopped working using the desktop's computer name. At the time I was too busy to track down the reason. After some checking I have found that if I disconnect my router from the phone line, it works!
    Here is the detail:
    When I RDC using the computer name I get an error "Remote Desktop can't connect to the remote computer..." [When I check the current IP address of the desktop and use it in RDC, I get a login prompt; as soon as I login I get an error message about the validity of the desktop's security certificate. I can bypass this and connect ok. However, I don't want to have to keep checking for the current IP address of the desktop....]
    By elimination, I found that if I disconnected my router from the Internet by unplugging the phone line, I could easily connect (but with the same security certificate error).
    I then suspected some software must be the culprit. I turned off my Windows firewall, Avast antivirus and Spybot and tried again, but this did not solve it.

    I am not sure what to do next. I have discounted the security certificate error. It says that it is not from a trusted certifying authority.
    Any help appreciated.

    John
    What are your current DNS servers set as? In order to resolve local computer names to IP addresses you need to ensure that your DNS server is set as the same address as the default gateway since routers will carry their own DNS table which will have local computer names. If it is set to a public DNS server such as 8.8.8.8 (Google DNS) then your local computer won't be stored on the public DNS server table.

    Hope this helps,
    Josh! :)


  4. Posts : 102
    Windows 7 Profession x64
       #4

    jimbo45 said:
    Hi there
    You need to enable PORT forwarding on your router -- Can't remember but I think the port is something like 3389 - also allow it through any firewalls.

    One of the problems with RDP is that if you want to access SEVERAL machines remotely on the same network then you need to fiddle the port numbers and route the correct port to the relevant machine - you can't route the SAME port to different machines - however accessing a specific SINGLE machine is easy enough.

    Also to other users reading this post -- the remote computer can only be accessed if it's a Windows PRO version or higher (Ultimate / Enterprise). Home premium won't work - Home premium only allows your computer to work as a CLIENT.

    I think also your networking setup needs to set DHCP as well on the router otherwise you will have to remember the actual LOCAL IP addresses of your machine (the IP addresses on your LAN). Windows Networking should remember the computer names on your LAN.

    To access from OUTSIDE your LAN the port forwarding is required since to the OUTSIDE your service provider's IP assigned address is what you see on the Internet and the RDP needs to be routed to the correct computer -- this gets a bit messy when your provider gives you dynamic IP addresses - but there are solutions for that like DynDNS.

    (Note TCP port for port forwarding if your router requests PORT TYPE)

    Cheers
    jimbo
    If the goal is to forward ports to connect to a machine behind a NAT, wouldn't we suggest a static IP? If he is getting DHCP to the target machine and you have ports forwarded to an old address, there goes your connection. Also, the certificate error isn't anything to worry about. It just means it isn't signed by a certificate authority. If you want to be sure you are connecting to the right computer, you can write down the thumbprint for the certificate so you can verify that it's correct later if you are concerned about it. As for the advice given on DNS servers, I don't think Windows machines query external DNS servers to resolve hostnames to IPs if you are just typing something like "BILL-PC".


  5. Posts : 2,298
    Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
       #5

    There is no need for NAT port translation or any port forwarding since the remote desktop connection will be made within the internal LAN and will not be needed to pass through a router as listed in the OPs post:

    john265 said:
    At some stage, Remote Desktop Connection (within my home network) from my Toshiba laptop running Win 7 Pro 32 bit to my Custom desktop running Win 7 Pro 64 bit stopped working using the desktop's computer name.
    The machine will query the DNS servers it is listed for the computer name. If the DNS servers are configured with public DNS servers then local computer names will not be resolved since there is no 'AAA' DNS entry with a local computer's name and IP address. That being said if the machine is to receive an IP address stack via DHCP it is most likely set the DNS server as the default gateway in which case the router will have an entry for the local computer names.

    Josh


  6. Posts : 16
    Windows 7 Professional 64 bit and 32 bit
    Thread Starter
       #6

    Guys,

    Thanks for your responses. I understand more now. Some observations:
    1) It used to work with the same router and Win 7 on each. Of course there have been updates to Win 7, but not to the router firmware.
    2) The D-Link router has an unexpected port forwarding screen which has no capability to enter a computer name (see screen grab). It doesn't match the D-Link support info.
    3) The router was supplied by my ISP and has hardware version B2 which does not show on the D-Link support site (but has the same firmware version number). I need to follow that up.
    4) I don't think I mentioned that the RDC client laptop is connecting to the router by wireless and the desktop is connected to the router via Ethernet.
    5) DHCP server has always been enabled on the router.
    6) DNS server config is set to obtain DNS server address automatically and DDNS not set.
    7) UPnP and Multicast are not enabled.

    John
    Attached thumbnail: Remote Desktop within home network restriced by Internet connection-17-07-2013-12-23-54.jpg
    Last edited by john265; 17 Jul 2013 at 06:57. Reason: attach file


  7. Posts : 2,298
    Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
       #7

    As a test, can you open a command prompt on the client machine that wishes to connect to the remote PC (desktop) and then type the following:

    Code:
    ping {computer name}
    Please replace the computer name variable with the name of the computer that you want to remotely connect to.

    Please check the computer name of the remote computer by clicking start> Right click on Computer > Properties

    Post upload a screenshot of the ping results if you can and we can go from there

    Many Thanks,
    Josh! :)


  8. Posts : 5,941
    Linux CENTOS 7 / various Windows OS'es and servers
       #8

    Shadowjk said:
    There is no need for NAT port translation or any port forwarding since the remote desktop connection will be made within the internal LAN and will not be needed to pass through a router as listed in the OPs post:

    john265 said:
    At some stage, Remote Desktop Connection (within my home network) from my Toshiba laptop running Win 7 Pro 32 bit to my Custom desktop running Win 7 Pro 64 bit stopped working using the desktop's computer name.
    The machine will query the DNS servers it is listed for the computer name. If the DNS servers are configured with public DNS servers then local computer names will not be resolved since there is no 'AAA' DNS entry with a local computer's name and IP address. That being said if the machine is to receive an IP address stack via DHCP it is most likely set the DNS server as the default gateway in which case the router will have an entry for the local computer names.

    Josh
    Hi there
    It will still have to pass through a Router if it's on a network -- whether connected via LAN cable or Wifi -- a Router doesn't even have to be connected to the Internet at all to function but your machines DO need to be connected to this type of device for NETWORK connectivity. So the RDP connection (LAN) will need to know either the IP address or the DNS name of the target computer - the router should resolve the host names. Usually they do on LAN's so why you have to type in a specific IP address has got me confused !!!.

    I agree Port forwarding is only necessary from OUTSIDE the LAN - I misunderstood the OP.

    Cheers
    jimbo


  9. Posts : 2,298
    Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
       #9

    No worries :) A proper router isn't needed for LAN but rather a switch or a hub however today for home users you have those hybrid boxes that seem to do it all!!

    My feeling is the computer name being spelt wrong which is why I asked to ping the computer name as it can tell if the name is being resolved by the DNS server or if the computer name was spelt wrong

    Josh :)


  10. Posts : 16
    Windows 7 Professional 64 bit and 32 bit
    Thread Starter
       #10

    Thanks for the suggestion. I can see a problem already with it trying to ping the name (OldBoy) at OldBoy.dlink.com! Where does it pick that up? Actually, looking for info on the IP address [92.242.132.16], I found this article on DNS hijacking.
    DNS Hijacking via Barefruit Talktalk and Others | manurevah
    My ISP is TalkTalk, one of the ISPs mentioned. Is this for real? What should I do?

    Pinging OldBoy.dlink.com [92.242.132.16] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Ping statistics for 92.242.132.16:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

    As well, here is an edited version of ipconfig /all results for the client PC. dlink.com is mentioned in several places.
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : Coal
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : dlink.com
    Ethernet adapter Local Area Connection:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : Belkin
    Description . . . . . . . . . . . : Marvell Yukon 88E8072 PCI-E Gigabit Ethernet Controller
    Physical Address. . . . . . . . . : 00-25-8B-35-60-B5
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Wireless LAN adapter Wireless Network Connection:
    Connection-specific DNS Suffix . : dlink.com
    Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
    Physical Address. . . . . . . . . : 00-21-6B-88-35-60
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80:...................(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : 18 July 2013 09:32:58
    Lease Expires . . . . . . . . . . : 19 July 2013 10:46:53
    Default Gateway . . . . . . . . . : 192.168.2.1
    DHCP Server . . . . . . . . . . . : 192.168.2.1
    DHCPv6 IAID . . . . . . . . . . . : 184547831
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-................
    DNS Servers . . . . . . . . . . . : 192.168.2.1
    NetBIOS over Tcpip. . . . . . . . : Enabled
    Tunnel adapter 6TO4 Adapter:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft 6to4 Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:..............................(Preferred)
    Link-local IPv6 Address . . . . . : fe80:....................(Preferred)
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled
    Tunnel adapter isatap.dlink.com:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : dlink.com
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
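
The check made by eye in post #10, as an added example that is not part of the original thread: it parses the ping header and the relevant `ipconfig /all` fields and flags a single-label name that was resolved through the DNS suffix search list to a public address outside the local subnet. The function names and the trimmed sample input are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample, trimmed from the ping and ipconfig /all output in post #10.
PING_OUTPUT = "Pinging OldBoy.dlink.com [92.242.132.16] with 32 bytes of data:"
IPCONFIG_OUTPUT = """\
DNS Suffix Search List. . . . . . : dlink.com
IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
DNS Servers . . . . . . . . . . . : 192.168.2.1
"""

def field(text, label):
    """Return the value of the first non-empty ipconfig line with this label, or None."""
    m = re.search(rf"^\s*{re.escape(label)}[ .]*:[ \t]*([^\s(]+)", text, re.MULTILINE)
    return m.group(1) if m else None

def diagnose(short_name, ping_output, ipconfig_output):
    """Report how a single-label host name was resolved and whether the answer fits the LAN."""
    m = re.search(r"Pinging (\S+) \[([0-9a-fA-F.:]+)\]", ping_output)
    if not m:
        return {"resolved": False, "suspicious": False,
                "findings": ["name did not resolve at all"]}
    fqdn, addr = m.group(1), ipaddress.ip_address(m.group(2))
    suffix = field(ipconfig_output, "DNS Suffix Search List")
    # Local subnet derived from the client's own address and mask.
    lan = ipaddress.ip_network(
        f"{field(ipconfig_output, 'IPv4 Address')}/{field(ipconfig_output, 'Subnet Mask')}",
        strict=False)
    findings = []
    if suffix and fqdn.lower() == f"{short_name}.{suffix}".lower():
        findings.append(f"suffix '{suffix}' was appended: the name was looked up as {fqdn}")
    if addr not in lan:
        findings.append(f"{addr} is outside the local subnet {lan}")
    if addr.is_global:
        findings.append(f"{addr} is a public address; a LAN host should not resolve to it")
    return {"resolved": True, "fqdn": fqdn, "address": str(addr),
            "suspicious": bool(findings), "findings": findings}

if __name__ == "__main__":
    for line in diagnose("OldBoy", PING_OUTPUT, IPCONFIG_OUTPUT)["findings"]:
        print("-", line)
```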