Remove From My Forums

Access via remote website

Question
0

Sign in to vote

In the last couple of weeks I am suddenly unable to connect to my WHS remote website (I am fully paid up for the next couple of years!) IE just tells me that the site is not available, not that it is https or not recommended - simply not available.
When I open the WHS console and look at the server settings under 'remote access' nothing has changed, except that there is now a big red cross telling me that remote access is "not available".
I have run the remote access repair wizard that tells me that that access is available locally, that my router is cofigured properly, but the third test simply confirms that the remote website is not available from the internet, but doesn't really offer any solutions....
I have tried rebooting the server etc, but no success.

Anyone else had this problem, or can offer advice?

Thanks
Andrew McC

Tuesday, April 7, 2009 1:46 PM

Answers

0

Sign in to vote
Hi Ken,

Just to let you know that my problem is now solved by using the 'https' route using port 443.

Thanks for your help - I have learned a little more!
Andrew McC
- Marked as answer by Andrew McC Thursday, April 9, 2009 9:17 AM
Thursday, April 9, 2009 9:17 AM

All replies

0

Sign in to vote

Please try running the test at Shields Up! to see if you can access ports 80, 443, and 4125 successfully. Let us know what's reported for each of those ports.
I'm not on the WHS team, I just post a lot. :)

Tuesday, April 7, 2009 3:30 PM

Moderator
0

Sign in to vote

Thanks Ken,

I have run the Shields Up as you suggested - results as follows:

Port 80 - Stealth
Port 443 - Open
Port 4125 - not reported (cannot find this)

Does that help in any way?
Andrew McC

Wednesday, April 8, 2009 10:50 AM
0

Sign in to vote

You can run a custom port scan that includes port 4125, but it's unimportant. Your ISP is blocking access to port 80, the standard port for web servers. (Probably they are doing this because running a server on their network is against your terms of service.) You can still access your server using a url like https://myserver.homeserver.com though. Note the 's', which uses SSL and port 443 to access the server.

Alternatively you can negotiate with your ISP to allow you to run a server on your internet connection. They may require you to upgrade to a business plan to do so.
I'm not on the WHS team, I just post a lot. :)

Wednesday, April 8, 2009 12:07 PM

Moderator
0

Sign in to vote

Hello Ken,

Thanks, I will try the url you have suggested....

Just curious though - why would my ISP suddenly block this port? My remote access was working perfectly up until a couple of weeks ago - I assume they must have changed something at their end?

Andrew McC

Wednesday, April 8, 2009 12:22 PM
0

Sign in to vote

Your ISP's Terms of Service (TOS) for residential connections undoubtedly prohibits the installation of a server that's accessible through your connection. This is a very common prohibition for residential accounts. One of the ways that ISPs enforce this is by simply blocking incoming requests for certain ports. Since your port 80 is reported as "STEALTH" I surmise that your ISP has decided to do so.

There are various reasons for doing this, some more valid than others. There are few options for the individual consumer; probably the safest is to buy a business class of service instead of your current residential service. That will cost more, but your ISP will typically not restrict it nearly as much.
I'm not on the WHS team, I just post a lot. :)

Wednesday, April 8, 2009 6:01 PM

Moderator
0

Sign in to vote
Hi Ken,

Just to let you know that my problem is now solved by using the 'https' route using port 443.

Thanks for your help - I have learned a little more!
Andrew McC
- Marked as answer by Andrew McC Thursday, April 9, 2009 9:17 AM
Thursday, April 9, 2009 9:17 AM
0

Sign in to vote

Gents,
I have the same/similar problem.
In my router, I have opened the firewall for ports 80, 443, 3389, and 4125.
I have since learned I do not need to open 3389, so I will probably reclose tonight.

However, the issue is that I have tried accessing remotely and I CAN get into the WHS website.
I can also peruse Shared Folders. However, I can NOT connect to computers or to WHS console.

I have also run Shields Up custom port scans and come up with the following:

Port 80 - open
Port 443 - open
Port 3389 - Stealth
Port 4125 - Closed

I'm using ATT/SBCGlobal if that helps.
The annoying thing is I'd like to get to the WHS console and networked computers but can't.
Any help is appreciated.

Thursday, April 30, 2009 9:25 PM
0

Sign in to vote

Gents,
I have the same/similar problem.
In my router, I have opened the firewall for ports 80, 443, 3389, and 4125.
I have since learned I do not need to open 3389, so I will probably reclose tonight.

However, the issue is that I have tried accessing remotely and I CAN get into the WHS website.
I can also peruse Shared Folders. However, I can NOT connect to computers or to WHS console.

I have also run Shields Up custom port scans and come up with the following:

Port 80 - open
Port 443 - open
Port 3389 - Stealth
Port 4125 - Closed

I'm using ATT/SBCGlobal if that helps.
The annoying thing is I'd like to get to the WHS console and networked computers but can't.
Any help is appreciated.

Those 3 ports are correct (forgetting 3389 since it's unnecessary). Do you have the Computers tab on the website? If not, you need to use IE (or FireFox with the IE tab).

If you do have the Computers tab, are you getting an error message? If so, exactly what does it say?

Thursday, April 30, 2009 11:53 PM

Moderator
0

Sign in to vote
Yes, I have the Computers tab. When I click on either a computer or the WHS Console link within the Tab, it comes up with an error message: “The remote connection to the computer timed out. Please connect again.”

I've tried multiple times to set port 4125 through my firewall. On the router firewall details screen it shows that TCP 4125 is allowed to my homeserver. However, again, when I use ShieldsUp, it says that Port 4125 is Closed. I just tried it again, and same thing. Also, interestingly, ShieldsUp says that port 4125 is an Unknown protocol/application

This is driving me crazy!

PS- as of yet, I have NOT yet tried putting the homeserver in DMZ. I'm a bit leary as I don't have AV or any other "protection" running on that computer. But, reasoning that I haven't is if I have forwarded the correct 3 ports, it really shouldn't matter. ShieldsUp is telling me that it is Closed.

One other question... on my router firewall, I have Inbound NetBios unchecked. From what I know, I should NOT need to check that, correct?

PPS - I have also checked to make sure that Port 4125 (RDP) is open (set to exception) on Windows Firewall
- Edited by BlackDogWHS Friday, May 1, 2009 1:13 AM added PPS
Thursday, April 30, 2009 11:58 PM
0

Sign in to vote

Well I'm trying a slightly different approach now to Port 4125.
I went into the Router and opened external Port range 4124-4128 and mapped it to internal 4125.
I re-ran ShieldsUp and it now shows 4124 Closed, and 4125, 4126, 4127, and 4128 as Stealth.

I'm going to try logging in from work tomorrow and see what happens!!!

Friday, May 1, 2009 1:12 AM
0

Sign in to vote

Yes, I have the Computers tab. When I click on either a computer or the WHS Console link within the Tab, it comes up with an error message: “The remote connection to the computer timed out. Please connect again.”

I've tried multiple times to set port 4125 through my firewall. On the router firewall details screen it shows that TCP 4125 is allowed to my homeserver. However, again, when I use ShieldsUp, it says that Port 4125 is Closed. I just tried it again, and same thing. Also, interestingly, ShieldsUp says that port 4125 is an Unknown protocol/application

That's normal. It should be closed (unless there is an active connection to a client through the Remote Access website at the time you check).

This is driving me crazy!

PS- as of yet, I have NOT yet tried putting the homeserver in DMZ. I'm a bit leary as I don't have AV or any other "protection" running on that computer.

You could try it for a few minutes. However, IMO, using Remote Access on your server without an A/V is a bad idea.

But, reasoning that I haven't is if I have forwarded the correct 3 ports, it really shouldn't matter. ShieldsUp is telling me that it is Closed.

One other question... on my router firewall, I have Inbound NetBios unchecked. From what I know, I should NOT need to check that, correct?

PPS - I have also checked to make sure that Port 4125 (RDP) is open (set to exception) on Windows Firewall
Did you install any add-ins/apps on your server? Did you install the ActiveX Control on the computer you are using to connect to the RA website?

Friday, May 1, 2009 3:19 AM

Moderator
0

Sign in to vote

No additional apps.
Yes to Add-ins. The following:
- remote notification
- remote alert
- WHS Disk Mgmt
- Advanced Admin Console

Although, I'm not sure how that would affect this.
Yes, Active X is installed on the computer used to connect to the RA website.

Friday, May 1, 2009 9:25 AM
0

Sign in to vote

No additional apps.
Yes to Add-ins. The following:
- remote notification
- remote alert
- WHS Disk Mgmt
- Advanced Admin Console

Although, I'm not sure how that would affect this.
Yes, Active X is installed on the computer used to connect to the RA website.

I know there have been reports of users having issues with the Advanced Admin Console after installing PP2. You might try uninstalling it.

Saturday, May 2, 2009 4:22 AM

Moderator
0

Sign in to vote

I only recently installed Adv Admin Console (AAC), so I don't think that is it. The problem of being able to connect to Computers & WHS Console was there before installing AAC. I did try uninstalling though with your suggestion, and it still comes up with the error message: “The remote connection to the computer timed out. Please connect again.”

I also did try connecting from two different locations recently (Cellular & from work) and still can not connect to computers & WHS Console. Problems still seem to plague me with the Port 4125 problem. I thought it may be that my work blocked port 4125, but I also tried connecting using my cellular card in my laptop with no luck. I can get to my homeserver website, and I can peruse Shared folders... I just can't do anything under the Computers tab. Looks like my Port Range forward didn't work.

I just ran another test with Shields Up and came up with the following:

Port 80 - open
Port 443 - open
Port 3389 - Stealth
Port 4125 - Stealth

Monday, May 4, 2009 11:01 PM
0

Sign in to vote

I only recently installed Adv Admin Console (AAC), so I don't think that is it. The problem of being able to connect to Computers & WHS Console was there before installing AAC. I did try uninstalling though with your suggestion, and it still comes up with the error message: “The remote connection to the computer timed out. Please connect again.”

I also did try connecting from two different locations recently (Cellular & from work) and still can not connect to computers & WHS Console. Problems still seem to plague me with the Port 4125 problem. I thought it may be that my work blocked port 4125, but I also tried connecting using my cellular card in my laptop with no luck. I can get to my homeserver website, and I can peruse Shared folders... I just can't do anything under the Computers tab. Looks like my Port Range forward didn't work.

I just ran another test with Shields Up and came up with the following:

Port 80 - open
Port 443 - open
Port 3389 - Stealth
Port 4125 - Stealth

That's not what you said before. Before you said 4125 was closed (which is what it should be). If 4125 is reporting as Stealth (and you are forwarding to the correct IP address), your ISP is probably blocking that port.

Tuesday, May 5, 2009 4:22 AM

Moderator
0

Sign in to vote

That's not what you said before. Before you said 4125 was closed (which is what it should be). If 4125 is reporting as Stealth (and you are forwarding to the correct IP address), your ISP is probably blocking that port.

OK, now you have me very lost and confused. Yes, I realize I said before port 4125 was closed. That was before I added the port forward range of 4124-4128 to 4125 as noted in my reply 6 posts above. It was closed before I change the forwarding.

I *thought* the whole purpose of adding port 4125 to exception on the firewall was to open the port. Before I added the port forward range of 4124-4128 it was showing as closed. So help me understand... do I want port 4125 open or closed?

Tuesday, May 5, 2009 1:45 PM
0

Sign in to vote

Port "open" detection is not only depending on port forwarding and firewall settings. It will only show "open" if WHS is listening on port 4125. Listening on port 4125 on your WHS is initiated when you try to connect to a computer in your network or to your WHS from the remote access web page, computers tab.

Stealth for ports 3389 and 4125 means something is blocking access to these ports. Could be you provider as kariya21 suggest, could also be your router or modem firewall. In some routers you may also need to make separate firewall rules for some ports next to setting port forwarding appropriately.

Closed port means Shieldsup can scan this port on your WHS (or another system behind your router), however it finds there's currently nothing running (listening) on this port.

Tuesday, May 5, 2009 2:05 PM

Moderator
0

Sign in to vote

Brubber, thank you for the explanation.

As demonstrated above though, I can make port 4125 either Closed or Stealth depending on how I set up my router. What setting do I want port 4125 as in order to accept a WHS Console or Computer request session?

Based on all of the searches I have done thus far, ATT does not block ports. I am calling them to confirm.

I have also read through the Microsoft Technical Bulletin on Remote Access and followed all suggestions.
However, I still can not connect to computers or WHS Console.

I don't know what else to check...

Tuesday, May 5, 2009 8:07 PM
0

Sign in to vote

Brubber, thank you for the explanation.

As demonstrated above though, I can make port 4125 either Closed or Stealth depending on how I set up my router. What setting do I want port 4125 as in order to accept a WHS Console or Computer request session?

It should show up as closed. Stealth means it's hidden (either blocked by your ISP or an incorrect configuration). Closed means it's still available from outside your LAN (just not being used at that exact moment).

Based on all of the searches I have done thus far, ATT does not block ports. I am calling them to confirm.

Frankly, searches for that are irrelevent (and, in some cases, calling them is also irrelevent). There have been more than a few users who called various ISPs and were told "No, we don't do that" by the person working the "help desk" only to find out from someone else in the Level 2 Tech/IT department that they do. The bottom line is if it's showing up as Stealth and you've configured your modem and router correctly, they are definitely blocking the port. My suggestion is to get it back to where Shields Up! reports port 4125 as Closed, then reboot the server and any/all clients in your LAN that you want to connect to. After that, go to a friend's house/work/Starbucks and try to connect from there.

I have also read through the Microsoft Technical Bulletin on Remote Access and followed all suggestions.
However, I still can not connect to computers or WHS Console.

I don't know what else to check...

Wednesday, May 6, 2009 1:47 AM

Moderator

Answered by:

Access via remote website

Question

Answers

All replies