none
Changing port 4125 for Remote Access?

    Question

  • My employer blocks port 4125. I did some searching and found on Microsoft Technet that there is a registry setting to change port 4125 on Small Business Server. That particular key doesn't exist in WHS (at least not under the same name as SBS). Is there a Registry setting in WHS where I can change 4125 to one that my employer doesn't block?

    Thanks,
    Garret

    Thursday, March 15, 2007 3:04 AM

Answers

  • I tried changing to port 23 with the KB article mentioned above. It didn't work.

    I saw this reply to a thread today and now see why it didn't work.

     Dileep K wrote:

    If the port 4125 is blocked at the remote location (work place in your case), currently there is no way to work around this.

    Currently port for remtoe desktop 4125 is hard coded. You may file a feature request to get it into the settings page. (It is kind of strange that 4125 is blocked at your work site though, may be all ports except http and https are blocked for inbound connections?)




    Yes, being able to do simple backups are nice, but the remote desktop is really what I am after. I hope something is changed with the full release of WHS.

    Garret

    Tuesday, March 20, 2007 3:29 AM

All replies

  • I'm putting together my WHS hardware this weekend, so I can't search myself ...

    But, if there is a key wouldn't a search of the registry for 4125 as a value perhaps find it?

    Charlie

    Thursday, March 15, 2007 4:53 AM
  • Look at this KB article: http://support.microsoft.com/kb/886209

    Note that it has you add new keys in order to change the port.  This is why you can't find the keys by searching.

    Good luck.

    Thursday, March 15, 2007 6:30 AM
  • I tried changing to port 23 with the KB article mentioned above. It didn't work.

    I saw this reply to a thread today and now see why it didn't work.

     Dileep K wrote:

    If the port 4125 is blocked at the remote location (work place in your case), currently there is no way to work around this.

    Currently port for remtoe desktop 4125 is hard coded. You may file a feature request to get it into the settings page. (It is kind of strange that 4125 is blocked at your work site though, may be all ports except http and https are blocked for inbound connections?)




    Yes, being able to do simple backups are nice, but the remote desktop is really what I am after. I hope something is changed with the full release of WHS.

    Garret

    Tuesday, March 20, 2007 3:29 AM

  • Don't know if you are still wondering about this since it's been about a year now, but I wanted to pass on what I was able to do with some information gathered on this issue.  Like you, I am blocked on port 4125 outbound from work to my WHS so I was unable to RDP from the website.  But for whatever reason, they allow open connections out on port 8080, so I could use that port if I could redirect to using it (in your case it looks like port 23 is open) I found this KB here:

    http://support.microsoft.com/kb/326945

    and used a similar approach.  I adjusted the C:\inetpub\remote\rdpload.aspx to change the line:

    MsRdpClient.AdvancedSettings2.RDPPort = port;

    to

    MsRdpClient.AdvancedSettings2.RDPPort = 8080;


    This doesn't change the port that the WHS is listening on, it is still listening on port 4125 for remote connections, but it tells the WebClient (the ActiveX running in the window on your work PC) to use port 8080 (or 23 in your case).   So what I did was add port 8080 as a Public port on my Router redirected back to port 4125 to the WHS inside my LAN at home.   So the  RDP client on my WorkPC is connecting on port 8080, but my Router at home is is mapping back 8080 to 4125 on the WHS. 

    This is working great so far.  The only downside is that the WebRDP will not work INSIDE my LAN at home because the RDP is trying to use port 8080 and there is no redirection being done inside my LAN.  I'm sure I can figure something out, but I don't really need to use the WebRDP inside my LAN because I can use the Connector RDP to connect to the WHS.

    Anyhow, that's one possible solution to your blocked port issue.  Good luck.


    Thursday, March 06, 2008 2:17 PM
  • Thanks for the info.

     

    I got around the problem by using a program called LogMeIn instead. Somehow it bypasses the hardware firewall my company uses.

     

    I may give this a try, though after losing irreplaceable digital pictures to a corrupted backup database, I'm not sure I want to use WHS anymore.

     

    GarretV

    Friday, March 07, 2008 4:52 AM
  • I happen to use a Secure Shell [SSH] link and run Remote Desktop through that as an emergency back channel into my WHS. You can use an alternate port for the SSH server to listen on configured in the sshd_config file with the Port option. You can then access the WHS, or anyother PC on your network, with Remote Desktop by forwarding the appropriate port through the SSH tunnel. I happen to use the free for personal use Tunnelier SSH client and the free for personal use copSSH server package. copSSH is based on OpenSSH/OpenSSL/cygwin and is updated as those are updated. Tunnelier is nice because you can configure it to auto connect a Remote Desktop session to one PC on your network once the SSH tunnel is established.

     

    Some links...

     

    http://www.itefix.no/phpws/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=12&MMN_position=22:22

     

    http://theillustratednetwork.mvps.org/Ssh/SecureYourcopSSHServer-Vista.html

     

    http://theillustratednetwork.mvps.org/Ssh/Private-publicKey-Tunnelier.html

     

    http://theillustratednetwork.mvps.org/Ssh/Configure-Tunnelier-WHS.html

     

    If you need to access additional PCs through the SSH tunnel with Remote Desktop then you must configure port forwarding for Remote Desktop in the C2S Fwding window. In this example the IP addresses are for two other PC's on my home LAN. When addressing the PCs with Remote Desktop you would use the address form localhost:3391 or localhost:3392 to reach either Norman or Miami respectively through the SSH tunnel. Of course the IP addresses in the C2S Fwding window must match the IPs on your LAN.

     

    http://theillustratednetwork.mvps.org/Ssh/Client06.jpg

    Friday, March 07, 2008 2:37 PM
  • Does anyone actually know if this is something likely to be implemented as this is a right pain in the **** Like most people posting in this thread we would like to remotely connect to our machines at home and although i use logmein at the moment what is the point paying £100 for home server if you cant do what you bought it for?

     

    Has there been an official answer from Microsoft as to whether this is going to be an option we can change? (port number 4125) I have found a lot of posts requesting this but no official answer and only workarounds (Thanks to those that have offered these)

     

    Thanks

     

    Monday, April 07, 2008 3:48 PM
  • You may want to submit a suggestion on Connect. Microsoft hasn't said that there will be a way to change this port (and there isn't a way right now), but Connect is where they are gathering feedback to help guide future versions of Windows Home Server.
    Monday, April 07, 2008 8:26 PM
    Moderator
  • @ediguywi

    I like your idea, but I tried it and it didn't work for me Sad

    I've set the port redirect rule on my router, and changed the rdpload.aspx file but to no avail. The interesting thing I notice is that if I also add port 8080 to the 80/443/4125 port forwarding rule, the remote RDP attempt times out instantly, however if I use only the 8080/4125 port redirect rule then the timeout takes about 10 seconds.

    I've also tried to use Port 5900, which is a VNC port I think... well I'm certain that this port is open at my workplace and it too fails.

    Can you give me any other details? This, like many others I'm sure, has been driving me mad.

    Cheers.
    Thursday, April 17, 2008 12:41 PM
  • If you will not be using FTP on your WHS, could you use port 21 and forward the port on your router back to 4125? Your workplace probably does not have port 21 blocked.

    Thursday, April 17, 2008 6:00 PM