Configuring AirPort Extreme (5th Gen) for Windows Remote Desktop Connection VPN

Discussion in 'Mac OS X Server, Xserve, and Networking' started by AdamZA, Sep 10, 2014.

  1. AdamZA macrumors newbie

    Joined:
    Sep 10, 2014
    #1
    Hello,

    I'm having trouble configuring my AirPort Extreme (5th Gen) for use with Windows Remote Desktop on a Windows SBS 2012 server (external connection from internet). I have a static IP from my internet provider and this worked with our previous DrayTek router.

    What I have done so far:

    I have opened the port using AirPort Utility (3389)
    I have reserved the DCHP address of the server by MAC address to the two internal IP addresses of the server
    I have set the default host to the IP address of the server

    Perhaps notable:

    Previously all computers were on the server domain, this didn't work with the AirPort Extreme (no internet access, no server access) so I removed the computers from the domain - now all computers have internet and server access
    Remote desktop works from within the network to the local IP
    I tried setting the DNS servers on the AirPort Extreme to those reserved for the server - didn't work
    Tried to set the domain on the AirPort Extreme to the domain name of the server - didn't work
    When configuring the port in AirPort Utility, the UDP port fields are blank, both TCP ports are set to 3389.

    Any help would be greatly appreciated. An urgent resolution is needed. I've scoured the internet and the Apple Discussions website and nothing has worked thus far.

    Thanks,

    Adam
     
  2. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #2

    Does 3389 verify as open properly.
     
  3. AdamZA thread starter macrumors newbie

    Joined:
    Sep 10, 2014
    #3
    Thanks for your reply.

    Using telnet to 'ping' the port confirms the port as open and reachable but this is from the internal IP address.

    Telnet 192.168.1.15 3389

    Resulted in a blank cmd prompt showing that the port is reachable.

    I can connect using Remote Desktop with the internal IP as well.
     
  4. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #4
    Just to clarify, you have 3389 open in both the public and private port selection in AirPort Utility? It should look like this.

    I am wondering if your modem is the source of the problem. Perhaps the Draytek was configured in the DMZ of the modem and when you replaced it with your new AirPort it is behind the firewall and NAT of the modem.
     

    Attached Files:

  5. AdamZA thread starter macrumors newbie

    Joined:
    Sep 10, 2014
    #5
    Configuring AirPort Extreme (5th Gen) for Windows Remote Desktop Connection VPN

    Yes that is how it's currently set up.

    I don't think it's the modem though - we are using BT Infinity broadband which uses a simple modem which does nothing else. I can't say that with certainty but seeing as BT's own 'business hub' router has firewall built in I would assume the modem they supply with it does not.

    I'd like to try Windows Remote Desktop with the router BT provided but this would mean lots of disruption to my colleagues whilst I mess around with it.
     
  6. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #6

    Try calling your ISP and asking if there is a firewall on the modem.
     
  7. AdamZA thread starter macrumors newbie

    Joined:
    Sep 10, 2014
    #7
    The modem is not user configurable and doesn't include a firewall.

    I'm out of ideas!
     
  8. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #8

    And you verified that the port checks out using one of the online sites for checking? The problem here is you rearranged your network to make the machines not directly work off the server. If the port checks out as open then we are looking at a server issue potentially with the firewall. Double check that Windows Firewall has the exception made for 3389 and that the IP address still matches the open port forward.
     

Share This Page