locked
Remote access problem RRS feed

  • Question

  • I've got a problem using remote access of my WHS.  I set up the router & domain name through Windows Home Server Settings, no problem.  I then try https://xxxx.homeserver.com from on of the computers on my home network & I get the home page and am able to log on.  But it won't work from an outside network.  The router (Linksys WRT54G) has ports 80, 443 & 4125 forwarded.

     

    I tried changing the ports to 8008 and 8009 as per Phillip Churchill's tutorial, but still no good.

    Friday, November 23, 2007 4:49 AM

Answers

  • SUCCESS!!!!

     

    I've tried just about everything else, so I did a live chat session with Linksys tech support.  The guy suggested I reflash the firmware.  So, I did as I was told and voila - Remote Access works beautifully.  I can access my shared folders on the WHS machine and RDP the other computers on the network.

     

    Something weird is going on though.  The port forwarding screen in the router shows no ports forwarded at all.

     

    Anyway, thanks to all who offered suggestions & tips.

     

    Frank

     

    Saturday, December 1, 2007 3:07 AM

All replies

  •  drzaius wrote:
    I've got a problem using remote access of my WHS.  I set up the router & domain name through Windows Home Server Settings, no problem.  I then try https://xxxx.homeserver.com from on of the computers on my home network & I get the home page and am able to log on.  But it won't work from an outside network.  The router (Linksys WRT54G) has ports 80, 443 & 4125 forwarded.

     

    I tried changing the ports to 8008 and 8009 as per Phillip Churchill's tutorial, but still no good.

     

    Your ISP may be blocking one of those ports.  You can try Shields UP! to see if the ports are blocked from the outside...

    Friday, November 23, 2007 4:56 AM
    Moderator
  • kariya21, should I run Shields Up from the WHS machine?

     

    Friday, November 23, 2007 5:32 PM
  • You should be able to run it from any machine on your home network.

     

    Andrew

     

    Friday, November 23, 2007 5:46 PM
    Moderator
  • I ran it from the WHS machine & one other.  All ports are blocked according to Shields Up

     

    Friday, November 23, 2007 7:35 PM
  • Evenin' all

     

    I have been having problems with remote access... Everything looks fine after reading the MANY posts on this subject. After trying shields up I have found port 80 and 443 to be 'Open' as they should, port 4125 however reports 'Closed - Unknown Protocol for this port'.

     

    Locally all is well, at work my SysAdmin has opened port 4125 on the ISA firewall... Still nothing...

     

    Logging in to xxxxxxx.homeserver.com locally and connecting to the WHS works...

     

    Any ideas, my train of thought at the moment is that my ISP (Virgin Media, UK) has port 4125 blocked.

     

    Why block this port when 3389 is open and I can connect whichever PC I set my router up to point to..

     

    Any other suggestions, ideas or clues...

     

    Many thanks in advance

     

     

    Friday, November 23, 2007 10:50 PM
  •  Jaffa1968 wrote:

    port 4125 however reports 'Closed - Unknown Protocol for this port'.

    This is OK it should be closed (or stealth if you have a decent firewall). WHS is not listening at this port, only when you try to connect to your homeserver (after you enter the pwd and click OK) or some computer in your network it will listen on this port. If it were open I would be more worried.

     

    Unless you want to use your WHS remote website to connect to your WHS console or a PC in your network you don't need port 4125. Personally I would also advise NOT to use port 80. Opening port 80 is more or less similar to advertising "Hey I'm here, come and hack me". Also instead of using port 443 you'ld better use some high port that is not currently used by a known application, for example 51346. Only disadvantage is that you have to add the portnumber to address to access your WHS. (https://xxxxxxxx.homeserver.com:51346)

    Saturday, November 24, 2007 12:07 AM
    Moderator
  •  drzaius wrote:

    I then try https://xxxx.homeserver.com from on of the computers on my home network & I get the home page and am able to log on.  But it won't work from an outside network.

    This should NOT work from within your network.
    Saturday, November 24, 2007 12:31 AM
    Moderator
  •  brubber wrote:
     drzaius wrote:

    I then try https://xxxx.homeserver.com from on of the computers on my home network & I get the home page and am able to log on.  But it won't work from an outside network.

    This should NOT work from within your network.
    Not true, or at least not universally so. Some broadband routers have problems looping back to themselves that way, but many will handle it just fine.
    Saturday, November 24, 2007 4:06 AM
    Moderator
  • This whole Remote Access thing is p***ing me off.  I'm giving up, because it just isn't worth the frustration.  I think MS needs to do some more work on this before suggesting to the public at large that this is a feature that they can use.

     

    I'm by no means an expert, but I'm not completely stupid either.  If I can't make this work easily, then I think there are a lot of others who are going to have problems as well.  I've spent hours reading forum posts on the subject & trying the various work-arounds, but no joy at all.

     

    This is the only feature of WHS that hasn't worked perfectly and it's otherwise a great product.

     

    Tuesday, November 27, 2007 2:04 AM
  •  drzaius wrote:
    This whole Remote Access thing is p***ing me off.  I'm giving up, because it just isn't worth the frustration.  I think MS needs to do some more work on this before suggesting to the public at large that this is a feature that they can use.

     

    I'm by no means an expert, but I'm not completely stupid either.  If I can't make this work easily, then I think there are a lot of others who are going to have problems as well.  I've spent hours reading forum posts on the subject & trying the various work-arounds, but no joy at all.

     

    This is the only feature of WHS that hasn't worked perfectly and it's otherwise a great product.

     

    Did you check with your ISP to see if they are blocking those ports?

    Tuesday, November 27, 2007 4:59 AM
    Moderator
  • I checked with Telus & the tell me they aren't blocking those ports.  Even if they were, wouldn't changing to ports 8008 & 8009 get around that?

     

    Thursday, November 29, 2007 12:21 AM
  • FWIW, I disabled both Windows firewall & the Linksys firewall (risky, I know, but only for a few minutes) but still didn't work.

    Thursday, November 29, 2007 12:25 AM
  • I have the same router and have not had any problem setting WHS up for remote access.
    Here are the settings I have on the router for forwarding:

    Application   Start   End    Protocol   IP Address    Enabled
    HTTP           80      80     Both     192.168.1.103    X
    HTTPS         443     443     TCP      192.168.1.103    X

    Dont forget, the IP Address is the internal (to your network) address of your WHS.
    Good luck.

    Thursday, November 29, 2007 4:58 AM
  •  drzaius wrote:
    I checked with Telus & the tell me they aren't blocking those ports.  Even if they were, wouldn't changing to ports 8008 & 8009 get around that?

     

    Well, something's definitely not right.  80 and 443 should report as open and 4125 should report as closed.  Since they said they don't block those ports, I would change the IIS settings back to the original ports and verify your router is pointing to your server's IP address.  Do you have your server set up with a static IP?

    Thursday, November 29, 2007 5:14 AM
    Moderator
  •  Ken Warren wrote:
     brubber wrote:
     drzaius wrote:

    I then try https://xxxx.homeserver.com from on of the computers on my home network & I get the home page and am able to log on.  But it won't work from an outside network.

    This should NOT work from within your network.
    Not true, or at least not universally so. Some broadband routers have problems looping back to themselves that way, but many will handle it just fine.
    You're right Ken, In my mind this was a feature available only in pro equipment, which was true a looong time ago. Still you will need to set / define the internal loopback in the router I guess, or
    Thursday, November 29, 2007 8:56 AM
    Moderator
  • @drzaius, when you set port forwarding in your router did you apply/save these settings and rebooted the router? If not please try.

    Thursday, November 29, 2007 9:04 AM
    Moderator

  • Just a thought and somebody please tell me if this is feasible/secure:

    Would it be possible to have an AddIn that integrates the remote access into the homeserver webpages? I am thinking about something like a Java Application that opens on the xxx.homeserver.com website that negotiates the secure connection and provides the frontend on the client PC. This could solve all the problems with the ports if the JavaApp just tunnels everything through HTTP and setup could be handled via the AddIn so that noobs like me could get it running.

    TightVNC has a Java frontend. I dibbled around with it a little bit but wasn't able to make it work...
    Thursday, November 29, 2007 1:42 PM
  • For starters from afar ping xxx.homeserver.com and see if you get the same answer as going to www.whatismyip.com from any desktop on your home network.

     

    When you go to the remote access tab in the home server console and click router>details what do you get?  Green checks everywhere?

     

    Atach a screenshot of your router config and verify the ip of your home server

     

    Still.....

     

    Thursday, November 29, 2007 2:24 PM
    Moderator
  • I'm in the same boat here.  When I first set up my server, everything worked fine except for remote access from OUTSIDE my network.  At home, I could login thru the website and all was good.  After reading that my ISP (Verizon DSL here in WA state) likely blocks ports 80 and 443 (I've not personally confirmed this via phone call) I decided to try port forwarding to some alternate ports.  Per the P. Churchill document, I've set up evrything to be 8008 and 8009.  Again, I can access from my own network, but to no avail from outside.

     

    However, after having forwarded to these non-standard ports, WHS is saying that my router is not properly forwarding ports...is this merely because it can't find them on the standard 80 and 443 ports?

     

    I've done the whole she-bang with setting static IPs on all my computers and the server, port forwarding the router to the proper ports, setting up the server via the IIS feature and all that.  I'm not a network guru, but not a complete boob either, so I think I have it properly configured.  So, what are my next options here to get remote access working?  Do I simply try some other ports?  What is the limit to port numbers available to try?

     

    This was a big factor in me going with WHS and building a server, so it is disappointing not to be able to use this function...though I know it is not the fault of MS or the WHS software as far as I can tell.

     

    Thanks for any advice.

     

    Oh, I forgot to mention that I am using a D-Link DI-624 router.  The port forwarding is done by setting up "Virtual Servers" for each port you want.

     

    Thursday, November 29, 2007 3:36 PM
  • I have the same router make sure u are using port forwarding, to whatever port your server is plugged into.

     

    There is also the dmz tab that you can open for the port your server is plugged into to alow all ports to be open just for that port

     

     

    Thursday, November 29, 2007 3:44 PM
  • Just so I know it's not the system I'm trying to see my site with, could someone check out my site to see if anyone CAN see it?  Thanks.

     

    http://adcock5.homeserver.com:8008

    https://adcock5.homeserver.com:8009

     

    Thursday, November 29, 2007 6:57 PM
  •  ChiknNutz wrote:

    Just so I know it's not the system I'm trying to see my site with, could someone check out my site to see if anyone CAN see it?  Thanks.

     

    http://adcock5.homeserver.com:8008

    https://adcock5.homeserver.com:8009

     

     

    I got to the https page on port 8009, but not the other here in central Oklahoma.

    Thursday, November 29, 2007 8:17 PM
  •  knightp25 wrote:

    I have the same router make sure u are using port forwarding, to whatever port your server is plugged into.

     

    There is also the dmz tab that you can open for the port your server is plugged into to alow all ports to be open just for that port

     

    Putting a PC or a WHS into the DMZ is a big security risk and one I would not advise doing. Its better to sort out the port forwarding issue and fix it properly.

    Thursday, November 29, 2007 8:23 PM
  •  Al Jarvi wrote:
     ChiknNutz wrote:

    Just so I know it's not the system I'm trying to see my site with, could someone check out my site to see if anyone CAN see it?  Thanks.

     

    http://adcock5.homeserver.com:8008

    https://adcock5.homeserver.com:8009

     

     

    I got to the https page on port 8009, but not the other here in central Oklahoma. Your cert is also valid...

     

    Really?!  Now that's crazy, cuz I can't see either of them from the system I'm currently on!  What settings local to me would preclude me from accessing it, when I can access other sites fine (though this is on a corporate network with security stuff that I'm totally unaware of)?  Why in the heck the 8009 but not the 8008?!?!  Did you also try adding the /home to the end of the 8008 address?

     

    Anyway, thanks for taking a peek at them!

    Thursday, November 29, 2007 8:32 PM
  • @brubber - works here out of the box, and using http:// shows me the router home page, which works fine. Cheers!
    Thursday, November 29, 2007 9:00 PM
  •  wesj wrote:
    I have the same router and have not had any problem setting WHS up for remote access.
    Here are the settings I have on the router for forwarding:

    Application   Start   End    Protocol   IP Address    Enabled
    HTTP           80      80     Both     192.168.1.103    X
    HTTPS         443     443     TCP      192.168.1.103    X

    Dont forget, the IP Address is the internal (to your network) address of your WHS.
    Good luck.

     

    This is exactly what the settings are on my router, my homeserver address is the same as well

    Friday, November 30, 2007 3:18 AM
  •  kariya21 wrote:
     drzaius wrote:
    I checked with Telus & the tell me they aren't blocking those ports.  Even if they were, wouldn't changing to ports 8008 & 8009 get around that?

     

    Well, something's definitely not right.  80 and 443 should report as open and 4125 should report as closed.  Since they said they don't block those ports, I would chanege the IIS settings back to the original ports and verify your router is pointing to your server's IP address.  Do you have your server set up with a static IP?

     

    I've tried using 8008 & 8009 as well as 80 & 443.  Also tried with the server set up with static as well as dynamic address

    Friday, November 30, 2007 3:20 AM
  • Sorry for the flurry of posts here, but I'm playing catchup here.

     

    This seems a little weird, but with Windows Firewall disabled and the firewall protection disabled on the Linksys router, ShieldsUp still shows all ports as stealth.

     

    I don't suppose the DSL modem could have anything to do with this?  Doesn't seem likely.  Anyway, Telus just upgraded me to a 3 mbs connection & they're sending me a new modem in a few days, so we'll see.

    Friday, November 30, 2007 3:37 AM
  •  brubber wrote:

    @drzaius, when you set port forwarding in your router did you apply/save these settings and rebooted the router? If not please try.

     

    Just rebooted the router after saving the settings. Still no good.

    Friday, November 30, 2007 4:30 AM
  •  ChiknNutz wrote:

    Just so I know it's not the system I'm trying to see my site with, could someone check out my site to see if anyone CAN see it?  Thanks.

     

    http://adcock5.homeserver.com:8008

    https://adcock5.homeserver.com:8009

     

     

    Both worked from my machine

    Friday, November 30, 2007 4:33 AM
  •  drzaius wrote:
    I don't suppose the DSL modem could have anything to do with this?  Doesn't seem likely.  Anyway, Telus just upgraded me to a 3 mbs connection & they're sending me a new modem in a few days, so we'll see.
    Actually it's more then likely this is your problem. In the DSL modem you should forward the relevant ports to the WAN address of your router.

    Friday, November 30, 2007 7:36 AM
    Moderator
  • I have a weird twist on this.

     

    Internally https://myservername ALL of the web access options work fine.

     

    Externally https://xxxxx.homeserver.com I can access my shared folders but I can't remote into my computers.

     

    At first I thought port 4125 was blocked by Comcast but now I'm not sure. When I first tried to remote in I would almost immediately get bumped out with a "Remote connection to the computer timed out. Please connect again." error box. Tonight while trying it I managed to get logged in, the remote desktop finished drawing, I picked the start icon on the remote desktop, then it kicked me out with the timed out error.

     

    In my case if 4125 was blocked by my ISP or nor forwarded correctly at my router, could I have even made it to the remote login screen? Also while trying to remote login I ran netstat -an in a command window on the server and it reported back.

     

    TCP  192.168.1.101:443    192.168.1.1:3024  ESTABLISHED

    TCP  192.168.1.101:443    192.168.1.1:3028  ESTABLISHED

    TCP  192.168.1.101:4125  192.168.1.1:3041  ESTABLISHED

     

    So what is causing my time out errors if I don't have a porting issue?

     

    HELP!!

     

    Thanks!!!

     

     

     

     

    Friday, November 30, 2007 7:54 AM
  • @Testing_104:

     

    Better start new thread, IMHO this is a different issue, (which has been put up a few times before I think, so you may even find your answer when searching the forum)

    Friday, November 30, 2007 8:04 AM
    Moderator
  •  drzaius wrote:

    Sorry for the flurry of posts here, but I'm playing catchup here.

     

    This seems a little weird, but with Windows Firewall disabled and the firewall protection disabled on the Linksys router, ShieldsUp still shows all ports as stealth.

     

    I don't suppose the DSL modem could have anything to do with this?  Doesn't seem likely.  Anyway, Telus just upgraded me to a 3 mbs connection & they're sending me a new modem in a few days, so we'll see.

     

    Some DSL modems are also routers. You need to either forward the appropriate ports through the DSL modem/router or configure it for a bridge or pass through mode. What modem do you have? What ISP? That information can help others help you.

    Friday, November 30, 2007 11:23 AM
  • Sounds like a MTU issue in your router.  This is not the official way to determine the propper setting, you can google MTU, but set it to say 1400 and see what happens.

     

    Still.....

     

    Friday, November 30, 2007 2:08 PM
    Moderator
  •  Still Grey wrote:

    Sounds like a MTU issue in your router.  This is not the official way to determine the propper setting, you can google MTU, but set it to say 1400 and see what happens.

     

    Still.....

     

    Who are you talking to? Next to OP there's at least two others with different prob. I think (as I posted before) OP has to forward ports in modem to WAN address of router or as Al Jarvi suggested bridge modem and router.

     

    max MTU for PPPoE connections = 1492.  With some ISP you will have to use slightly lower value due to overhead caused by their internal network structure.

    Friday, November 30, 2007 2:30 PM
    Moderator
  •  brubber wrote:

     drzaius wrote:
    I don't suppose the DSL modem could have anything to do with this?  Doesn't seem likely.  Anyway, Telus just upgraded me to a 3 mbs connection & they're sending me a new modem in a few days, so we'll see.
    Actually it's more then likely this is your problem. In the DSL modem you should forward the relevant ports to the WAN address of your router.

     

    The modem is a 3com something or other (I'm not at home right now so I can't check) but it's not a router.  Just phone line in, LAN out.  I don't know of any way to access the modem configuration.

    Friday, November 30, 2007 2:48 PM
  • Smile

    Yea, that was to testing_104

    He connects sometimes, get yea far and then it drops

     

    Friday, November 30, 2007 3:20 PM
    Moderator
  •  drzaius wrote:
     ChiknNutz wrote:

    Just so I know it's not the system I'm trying to see my site with, could someone check out my site to see if anyone CAN see it?  Thanks.

     

    http://adcock5.homeserver.com:8008

    https://adcock5.homeserver.com:8009

     

     

    Both worked from my machine

     

    I just don't understand this...one person gets the https, one gets both, and get neither of them?  What gives here?  Anyone have any guidance on the subject?  Thanks much.

    Friday, November 30, 2007 3:43 PM
  •  drzaius wrote:
    The modem is a 3com something or other (I'm not at home right now so I can't check) but it's not a router.  Just phone line in, LAN out.  I don't know of any way to access the modem configuration.
    Check modem documentation. You should be able to configure the modem through a web interface or at least cli (probably using telnet). For cli documentation you'll probably have to go to 3com support pages. Or take out modem if you can configure PPPoE connection on your router.
    Friday, November 30, 2007 4:10 PM
    Moderator
  • SUCCESS!!!!

     

    I've tried just about everything else, so I did a live chat session with Linksys tech support.  The guy suggested I reflash the firmware.  So, I did as I was told and voila - Remote Access works beautifully.  I can access my shared folders on the WHS machine and RDP the other computers on the network.

     

    Something weird is going on though.  The port forwarding screen in the router shows no ports forwarded at all.

     

    Anyway, thanks to all who offered suggestions & tips.

     

    Frank

     

    Saturday, December 1, 2007 3:07 AM
  • Yeee haah

    I had an old router once that did not show what had been configured by UpNP...perhaps that is why the ports do not show.

     

    Saturday, December 1, 2007 3:07 PM
    Moderator
  • All my ports were forwarded correctly.. etc.  Still was unable to hit the WHS remotely from a machine on my local network.

     

    I was able to finally get mine to work by disabling the firewall in my linksys WRT330N router.  That allowed me through.  So I figured out the "Filter Internet NAT Redirection" was checked thus blocking my outside IP request back to my local machine... the WHS.

     

    Hope this helps others.

    Tuesday, December 18, 2007 4:07 AM