How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask Justin Your Own Question
Justin, Network Administrator/Not Limited
Category: Computer
Satisfied Customers: 2591
Experience:  Network Specialist Degree, A+/Net+ Certs, 10 years Contract IT/Network Administration
Type Your Computer Question Here...
Justin is online now
A new question is answered every 9 seconds

Having trouble connecting to a Server 2003 by Remote Desktop

This answer was rated:

Having trouble connecting to a Server 2003 by Remote Desktop connection.
Internally, I can connect, if I loop I can connect, if I use the external IP on a notebook..I can connect...but go. My linksys router has Port 113 IDENT filtered, could that be the issue?
remote desktop needs tcp port 3389 to be forwarded to your windows server 2003 computer from router. try port forwarding in your router to see what happens.
Customer: replied 7 years ago.
That is elementary...already have that in place. Do you think....ident 113 port has anything to do with it
I don't think so. try to disable windows firewall temporarily for troubleshooting purpose to see if you can connect externally.
Customer: replied 7 years ago.

Firewall is not on (This is

server 2003 - anyhow no firewall, no antivirus on. Since I can connect internally, I think it is the router. Was hoping you might have a clue....

Greetings, I already caught myself up on this issue. Ports are correct, confirmed remote desktop works on the LAN.

I'm going to go with saving some time here. What's the external IP that redirects to the server (please do not give any user names or passwords, they are not necessary).

Edit: Do not include the decimals in the IP address, just put spaces. In case the post gets filtered. If its a domain you use bound to a static IP address, that is fine as well.

Edited by jnayes on 9/16/2010 at 8:52 PM EST
Customer: replied 7 years ago.
64 223 46 6
I'm leaving this as an answer but I don't want you to accept unless we figure it out. I will continue to work with you further until its working.

The ports closed. Tested it here (port tester, and remote desktop).

You can confirm yourself here:

I personally run a network with 6 servers running 2003 right now, all of which use different ports (you can manually set the port you want remote desktop to use). None of which require anything fancy short of that simple port forward. The problem is likely the router's port being forward, or the actual external IP address. If you have a static IP address, or a block, let me know. If you have a dynamic address it could have changed on you (there are ways around this too).

Start with the simple tests, I'm sure you have, but its best to double check. Log into the router, be sure the external IP address in the status is what you gave me. Also confirm the port is forwarded from the external interface to the internal IP of the server, and if the "rule" requires a checkbox to do so.

Based on your responses I'll try not to bore you with the basics, but we need to narrow it down. Also not to miss your previous question, no Ident is not required.

Now, if you've done all this and its still not working? Try this. Use a different port in the router to forward (nothing that's being used please, try something high like 4500). Forward it to the default 3389 internal IP.

Test the remote desktop externally using the site I provided, or by remote desktop doing the IP address like this (just as an example, you will fill in your the external) 192 68 10 10:4500

The colon will let it know to use a different port, the router will still forward it to 3389 though w here the server is listening. If the : doesn't work, try it with a space, but I'm near positive its a :

Edited by jnayes on 9/16/2010 at 9:12 PM EST
Justin, Network Administrator/Not Limited
Category: Computer
Satisfied Customers: 2591
Experience: Network Specialist Degree, A+/Net+ Certs, 10 years Contract IT/Network Administration
Justin and other Computer Specialists are ready to help you
Customer: replied 7 years ago.

I know how to change the listening port on a pc, in fact, I have another server listening on 3394, I do not know how to use the router to forward to another port...

I have elusiva support service which would allow you to connect to my computer and see the router would go to

support ri95 com / operator

log in using support101 then I will allow you to connect to me by clicking jimmy


Then you can control my pc - kind of like go to meeting


spaces need dots in address


want to try that? I will change password XXXXX no one else gets it after we are done.

Customer: replied 7 years ago.
Also..I am on an Island and need to ctch a ferry at 6:30
I'd love to but we aren't allowed to remote access due to liability reasons... and trust me when I tell you they are strict on it.

I understand if this is a hassle for you, and I'm more than willing to help you do some tests.

Just understand that, rdp is as simple as you see it. If the router is forwarding port 3389 from its external interface to the internal IP at the same port on the server, and you're positive you don't have any software firewall in place (virus scan, ISA, etc), and RDP is functional (as you also confirmed internally), it will show the port opened, without fail.

Do you have anything else externally redirecting? Mail server? Web server? Anything I can test to be sure the router is even forwarding ports at all.

As far as time constraints, this is an open question, this can stay open for days. THere's no rush to accept, and if you choose not to accept there's no charge. All you have is a deposit. So I'll let you decide how to proceed. I can run any tests necessary, I just am not allowed to remote. They are working on a system for it, but its not up and running yet.
Customer: replied 7 years ago.
OK - I am uninstalling the anti-virus - then will see if port is opened
Customer: replied 7 years ago.
same address 3394 should also respond
Customer: replied 7 years ago.
3394 definitely works - Boss tried it from is fine.
Customer: replied 7 years ago.

So maybe something wrong with router...

can't keep this open for days...have to catch the ferry.

Sure does, just tested it the same.

That's actually good news. Now it means your router isn't forwarding 3389 correctly. Port 3389 is not set to receive on the server. A piece of software is blocking 3389 by default. Or lastly, and I mean rarely, your ISP is blocking 3389.

Let me catch up here. You have the server listening on 3389 or 3394, or are they separate servers.
Customer: replied 7 years ago.

Two different machines

This one has 21 and 8888 also open forwarded in how to I change the router to 4500 and forward it to 3389?

Or should I just chnage my registry?

If you're 100% sure that the server is listening on 3389, I wouldn't change it. And to my understanding you tested it internally so you know it receives just fine.

If you have one of the standard blue linksys routers however, the generic ones you may pick up from best buy. Looks like this:

You won't be able to do port switching like that, that I know of. You may be forced to do what you're doing on the other one and specify a separate port from 3389. Though I find it odd that its not forwarding properly to begin with.

As a simple test though, make the change, set the port to 3390, open the port on the router, and test it. If it works, you know something is going on with port 3389 externally. Who's your internet service provider?
Customer: replied 7 years ago.

Your port testing site tells me 21 is closed, I use that for a web cam..and it is working.

Why does it say closed? 8888 is open...

definitely works internally and if I go to the external ip from an internal network, I connect.

So Server is working.


This is a Linksys - wrt54gs


Can I make the 4500 work using that?

Depends on the protocol as well, that's a simple test. I just put it up for reference (there are other tools on the site as well).

If you had a mail port open I'd have to tested it via telnet for example.

Try 4500 as a test (setting RDP to receive it, and using the router to forward 4500).

Depending on your DNS, if you're using an internal computer and connecting to your external interface, it doesn't actually leave your network if it resolves internally. I can't predict your settings, and given our testing its not important anyway.
Customer: replied 7 years ago.

Tell you what - I am going to use the elusiva as a work around to let him in...

I will accept your help...and thanks....

Thanks, I'm quite interested in this issue though. I'll leave this open and if you get some time let me know if the other port could forward. It should stay open for a week or so.

And also who your Internet Service Provider is.
Customer: replied 7 years ago.
I was all set to buy a new router...
OK..I left the Island and used Elusiva to connect to the server....edited the registry to tell it to listen on Port 3398, instead of 3389.
Changed the router to be sure 3398 was open and it opened right up after a re-boot.
Do you suppose that 3389 port is corrupted or what..
how could it connect locally, loop back with and all that..but not through the roiter?
Anyhow....Now we can connect...using :3398

Thanks for your guidance.
I had a feeling that was the case. Who is your ISP?

Some, though very rare, ISP's block remote desktop. Its more common for them to block port 80 and such, but I have heard that some do.

Its either that, or there is some software (whether traces left behind or what) blocking the port on your Server. Though as you stated, it works internally.

So to me, that just leaves your ISP. When you can, let me know who it is and I'll do some digging.
Customer: replied 7 years ago.
This used to work. It suddenly stopped. We used Windows RDC all last winter. I use Verizon DSL...they do not block it. The router is old,
I think it might be the router..must be because of the internal ability to connect. the one thing I can think of is that we had to change the IP address of the server and that the router just never cleared it out, despite unplugging it with nothing checked for that 3389. I never reset the router..too many other forwards.
A newer router may give you more options, or possibly updating the firmware.

Verizon DSL. What type of configuration choices come with their modem?

One thing can be sure, odd problem in general, but I've seen screwy things with malfunctioning routers as well. Lastly, though I don't believe it to be the case with Verizon, but just because it worked last winter doesn't mean they didn't block it this winter.

ISP's are notorious for making changes and not giving any warnings out to users. Comcast is great at that.

If you figure it out by replacing the router, or resetting it, maybe pop on back here and let me know the root cause. Or we can continue testing tomorrow in your free time. I'm very curious.
Customer: replied 7 years ago.
No, it works with 3398...I'm going to leave it for now and get a new router soon. Thanks.
Sure no problem. As for your other question (the bandwidth one) I'd love to help you on it, but some "expert" moved it to the programming category instead of the Networking category where it belongs.

I'd cancel the question and re-ask it and I'll give you some info on it.
Customer: replied 7 years ago.
Yeah, sorry about that. Someone probably saw the mention of php and moved it. I don't know php, but I am very familiar with all server side products (dns, wins, terminal services, vpn, iis, sql server, server 2003, ISA, active directory, gpo's, you name it).

Been a Network Admin for multiple companies ranging from 5 to 80 users for 11 years.

Once you reask the question I'll close and have a refund issued (for the deposit) on the other one.
Customer: replied 7 years ago.
I could not figure how to cancel I asked support to change the another fellow responded...I told him support was going to change the category.
No problem. If you felt his answer was adequate enough you can always accept it. If you felt it wasn't you have multiple options.

You can request it closed, and create a new one that will give me a heads up here:

If you specifically want a certain expert to answer it, putting their name in the title of the question usually lets everyone know to leave it alone (such as not moving it to the wrong category haha).

Like I said, no big deal either way. If you don't feel like dealing with the hassle, you can always ask me on this one thread without opening a new question. Besides, I technically didn't get to the bottom of your last problem, just narrowed it down.