-
30th April 2019, 03:28 PM #1
Hi
We have setup RDP in our environment on Server 2016 however we are getting this error if I try to access this externally, "Remote Desktop cant find the computer [SERVER NAME]. This might mean that [SERVER NAME] does not belong to the specified network. Verify the computer name and domain that you are trying to connect to".Now this works fine internally. RD Web Access, RD Gateway, RD Licencing, RD Connection Broker, RD Virtualization Host, RD Session Host have been setup but of course they`re may be a incorrect configuration somewhere. All the certificates have been put in for all the roles to which is an external FQDN. However, when it comes to connecting and it failing it seems that its looking at the Internal FQDN. There is a DNS record internally for it and a external record. We`ve looked all over to find any help but cant get our heads around it.
-
30th April 2019, 03:41 PM #2
Does the external dns name resolve to your IP you have NAT'd off the firewall to it?
Actually from an external connection, eg home BT broadband for example? -
30th April 2019, 03:47 PM #3
Our external DNS name resolves to our firewalls external IP and to which any type of traffic is forwarded onto the external IP so all ports are open
-
30th April 2019, 04:26 PM #4
Are you trying to pass port 3389 directly onto the internet? If so I wouldn't recommend it. At the very least pass a much higher port number, eg 65000 onto 3389 of the internal server. Eg rdp to myfirewalladdress:65000
The chances are you are not forwarding port 3389 if you're not adding a specific port onto the rdp connection address.
I use a Dell SMA400 remote desktop portal which allows a https port 443 web connection to give remote desktop in a web page. It saves any users from having to use rdp shortcuts or any unsafe ports, it also allows me to block countries from accessing it, I set it to UK only.
-
1st May 2019, 10:43 AM #5
We had the same issue. have you added a host file on the server? 127.0.0.1 and then we put the gateway address ? We also put the server IP x.x.x.x and gateway. Once we did that it worked.
Other than that could be your NAT rules set in your firewall.
-
1st May 2019, 04:36 PM #6
How we would go about the host file, where would I find that and what would I need to change
-
2nd May 2019, 09:41 AM #7
I have done what you had said, went into C drive then windows, system 32, drivers then etc. I added the 127.0.0.1 address and then our server IP but still no luck?
-
2nd May 2019, 09:46 AM #8
Are you forwarding port 3389 onto the internet IP or are you forwarding a https web gateway?
-
2nd May 2019, 02:44 PM #9
We`re forwarding 3389 onto the internet but we also forwarding https as when we go on RD web its coming up as HTTPS
-
2nd May 2019, 03:10 PM #10
This makes no sense, you either forward RDP directly or you have a web portal with https and a SSL certificate on it for rdp via a portal. I use a portal method using sonicwall sma400 for example and as it's https it uses port 443.
So if users go to //myportaladdress for example it opens up the login page and they can then use rdp portals using the web panel.
If you are using microsofts rd web solution you will need to install a ssl certificate on it and forward port 443 on the rdweb internal ip to port 443 on the external ip and of course nothing else must be using port 443.You must never ever ever forward port 3389 on your internet ip directly to an internal rdp server though or the russians will be having a field day with it in a few hours...
//docs.microsoft.com/en-us/win...b-client-admin
-
2nd May 2019, 03:44 PM #11
-
2nd May 2019, 03:48 PM #12
Are all the roles on the same rds host
-
2nd May 2019, 04:00 PM #13
Yes all of them, all on 1 server
-
2nd May 2019, 04:18 PM #14
Just a hunch but try setting up the RDS server by IP [LAN IP] instead of name as you have it there [looks like something like gmat-vrdp.internal make that an IP instead of name]
You've probably added it by name in the RDSWEB config. -
2nd May 2019, 04:53 PM #15
As an afterthought you could perhaps try editing your laptops hosts file in system32/drivers/etc and point the lan ip at the servers name you're trying to connect to.
You also need to check the rdweb access server iis setting, Sites>Default Web>RDWeb>Pages look for Default TS Gateway and make sure the EXTERNAL dns name is specified not the internal one. That would cause the not resolving problem.