Results 1 to 12 of 12
  1. #1
    New Lounger
    Join Date
    Jun 2010
    Location
    British Columbia
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    ISP blocks RDP ports, crippling WHS 2003

    My ISP demands I pay for an expensive business plan if I want to be able to remotely connect to my home server from work/elsewhere. It has blocked the ports that my home server uses by default to allow RDP calls. Does anyone know an easy reliable workaround?
    Thanks,
    Todd

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    10,207
    Thanks
    129
    Thanked 1,145 Times in 1,054 Posts
    You could try changing the Remote Desktop port. The advice given is for XP, but it should work on WHS too. If you change it, make sure the port is allowed through your firewall.

    Another alternative might be changing ISP . I wouldn't take my ISP doing that to me.

  4. #3
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    20,416
    Thanks
    1
    Thanked 597 Times in 534 Posts
    Do you really need RDP access to the server? If you are just trying to access shared folders, have you considered using a free domain at homeserver.com that you are allowed with WHS?

    Joe

  5. #4
    Platinum Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,545
    Thanks
    7
    Thanked 225 Times in 213 Posts
    TeamViewer?

    cheers, Paul

  6. #5
    New Lounger
    Join Date
    Apr 2010
    Location
    Chandler, Arizona
    Posts
    7
    Thanks
    0
    Thanked 1 Time in 1 Post
    I dont recommend changing the terminal services listening port as mentioned above, it can break many things that depend on that port. you can however add a second listening port.

    To do this, open the registry editor by hitting start > run and type regedit and hit enter. navigate to:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Contro l\TerminalServer\WinStations\RDP-Tcp\

    Right click on the RDP-Tcp registry key and select export, save the key to your desktop, giving it any name you wish, i usually just simply name it RDP. once its saved, minimized the registry editor and locate the exported reg key on your desktop, right click on it and select edit. This will open the key using notepad.

    By default Terminal Services uses port 3389, the 10 ports following 3389 are unused, so i usually use 3390, if i've used that already, go to the next 3391 and so on.

    Once the reg key is opened in notepad, the first thing you need to do is give the key a new name, this is done by editing the second line which looks like:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Terminal Server\WinStations\RDP-Tcp]

    I usually name it by appending the new port number to it, like:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Terminal Server\WinStations\RDP-Tcp - 3390]

    Once you'vegiven it a new name, search for the port number: hit CTRL + F and type portnumber in the search box. that should take you to this line:

    "PortNumber"=dword:00000d3d

    The port values are in hexadecimal, so the port number d3d = 3389, if you want to make this port number 3390 you would use the hexidecimal value d3e, for 3391 d3f, for 3392 d40 and so on.

    so for port number 3390 you would edit the line to read:

    "PortNumber"=dword:00000d3e

    Once you have done this, click the red x in the corner to close notepad, it will ask you if you want to save the changes click Yes.

    once the reg key is saved, right click on it and click select merge, a box will pop up stating the key has successfully been merged in to the registry. Now go back to regedit and look at the [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Terminal Server\WinStations\] key, you will now see 2 subkeys RDP-Tcp and RDP-Tcp - 3390.

    You have now added a second Terminal Services listening port to your windows home server. you will need to forward that port through your firewall / router to your home server, if you need help with that reply with your router make and model and i'll post instructions to accomplish this.

    To access your server using the new port number, in the remote desktop connection box you would use the address: yourserveraddress:3390, if you have any questions feel free to ask.

    Below is a sample of the full registry key with the edits made highlited in red:

    Note: the sample registry key below is from a windows 7 computer so do not copy and paste it for use on your home server is will cause you problems, just make the edits as noted above.

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Terminal Server\WinStations\RDP-Tcp - 3390]
    "AudioEnumeratorDll"="rdpendp.dll"
    "Callback"=dword:00000000
    "CallbackNumber"=""
    "CdClass"=dword:00000000
    "CdDLL"=""
    "CdFlag"=dword:00000000
    "CdName"=""
    "CfgDll"="RDPCFGEX.DLL"
    "ColorDepth"=dword:00000005
    "Comment"=""
    "Domain"=""
    "DrawGdiplusSupportLevel"=dword:00000001
    "fAllowSecProtocolNegotiation"=dword:00000001
    "fAutoClientDrives"=dword:00000001
    "fAutoClientLpts"=dword:00000001
    "fDisableAudioCapture"=dword:00000000
    "fDisableCam"=dword:00000000
    "fDisableCcm"=dword:00000000
    "fDisableCdm"=dword:00000000
    "fDisableClip"=dword:00000000
    "fDisableCpm"=dword:00000000
    "fDisableEncryption"=dword:00000001
    "fDisableExe"=dword:00000000
    "fDisableLPT"=dword:00000000
    "fEnableWinStation"=dword:00000001
    "fForceClientLptDef"=dword:00000001
    "fHomeDirectoryMapRoot"=dword:00000000
    "fInheritAutoClient"=dword:00000001
    "fInheritAutoLogon"=dword:00000001
    "fInheritCallback"=dword:00000000
    "fInheritCallbackNumber"=dword:00000001
    "fInheritColorDepth"=dword:00000000
    "fInheritInitialProgram"=dword:00000001
    "fInheritMaxDisconnectionTime"=dword:00000001
    "fInheritMaxIdleTime"=dword:00000001
    "fInheritMaxSessionTime"=dword:00000001
    "fInheritReconnectSame"=dword:00000001
    "fInheritResetBroken"=dword:00000001
    "fInheritSecurity"=dword:00000000
    "fInheritShadow"=dword:00000001
    "fLogonDisabled"=dword:00000000
    "fPromptForPassword"=dword:00000000
    "fReconnectSame"=dword:00000000
    "fResetBroken"=dword:00000000
    "fUseDefaultGina"=dword:00000000
    "InitialProgram"=""
    "InputBufferLength"=dword:00000800
    "InteractiveDelay"=dword:00000032
    "KeepAliveTimeout"=dword:00000000
    "KeyboardLayout"=dword:00000000
    "LanAdapter"=dword:00000000
    "LoadableProtocol_Object"="{18b726bb-6fe6-4fb9-9276-ed57ce7c7cb2}"
    "MaxConnectionTime"=dword:00000000
    "MaxDisconnectionTime"=dword:00000000
    "MaxIdleTime"=dword:00000000
    "MaxInstanceCount"=dword:ffffffff
    "MinEncryptionLevel"=dword:00000002
    "NWLogonServer"=""
    "OutBufCount"=dword:00000006
    "OutBufDelay"=dword:00000064
    "OutBufLength"=dword:00000212
    "Password"=""
    "PdClass"=dword:00000002
    "PdClass1"=dword:0000000b
    "PdDLL"="tdtcp"
    "PdDLL1"="tssecsrv"
    "PdFlag"=dword:0000004e
    "PdFlag1"=dword:00000000
    "PdName"="tcp"
    "PdName1"="tssecsrv"
    "PortNumber"=dword:00000d3e
    "SecurityLayer"=dword:00000001
    "Shadow"=dword:00000001
    "UserAuthentication"=dword:00000000
    "Username"=""
    "WdDLL"="rdpwd"
    "WdFlag"=dword:00000036
    "WdName"="Microsoft RDP 7.1"
    "WdPrefix"="RDP"
    "WFProfilePath"=""
    "WorkDirectory"=""
    "WsxDLL"="rdpwsx"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Terminal Server\WinStations\RDP-Tcp\TSMMRemotingAllowedApps]
    "ehshell.exe"=dword:00000002
    Last edited by wallyb132; 2011-02-03 at 14:13. Reason: correct spelling and formatting error

  7. #6
    Lounger
    Join Date
    Dec 2009
    Location
    Burlington, VT
    Posts
    31
    Thanks
    2
    Thanked 1 Time in 1 Post
    I'd say get a free account at www.logmein.com, works over SSL so you know it'd never get blocked.

  8. #7
    5 Star Lounger
    Join Date
    Dec 2003
    Location
    Burrton, KS, USA
    Posts
    833
    Thanks
    0
    Thanked 2 Times in 2 Posts
    If you still wish to use RDP it should be easy to do a port redirect on your router. You obviously have a port forward right now that looks something like.

    forward tcp port 3389 > your.server.ip.address

    the new redirect might look like this.

    forward tcp port 3395 > tcp port 3389 your.server.ip.address

    You would then point you rdp client at your.public.ip.address:3395 and the router redirects it to the correct port on the server. Your ISP has no idea what you are pointing at so unless the are blocking all ports accept web and email, you should be able to find one you can get through on. You also do not need to change anything on your server as the router is doing all the work and the server sees all traffic on the default port.

  9. #8
    New Lounger
    Join Date
    Jun 2011
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Find out if they block VPN ports.

  10. #9
    New Lounger
    Join Date
    Jun 2011
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Oh, and you could probably get LogMeIn Free to work easily.

  11. #10
    New Lounger
    Join Date
    Jan 2012
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    hi can you help me please

    if so i need to chage port 80 my isp is bloking port 80 and por 443 so i can not see my whs web site or remote page on line i have the wificorp.homeserver.com url i am on a nat line i have put in a static to my computer but thats onley good for internel net work not externel as thay block that but let you have it on your privite net work have a idea for me thank you brittany i know this is not the good info to put on the net but i do not have a problem with any one entering my cp so here gos i hop this can help with some configeration I copyed it from ipconfig

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
    Default Gateway . . . . . . . . . :
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Automatic Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : C0-A8-01-41
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.65%2
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Source Ports: AnySingleRange would this be myserver
    Destination Ports: AnySingleRange and my internet conection

    and then run the whs every thing conects green but on the free name homeserver it gives me 3 green and two red checkmarks websites and remot website are not conecting there has to be a way around this microsoft should be making a work around program as all most all isp are now blocking many ports and run on a nat . you pay good money for what ???? its no good if you cant get on the net and serve web sites thay need some kinda ssl socket to get throw it or some thing any ideas thank you

    the router is a dlink model dvr-g3810bn/tl from telus in canada

  12. #11
    New Lounger
    Join Date
    Jan 2012
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    ps my email add is hop i am ok to post this tank you again brittany.
    Last edited by JoeP517; 2012-01-04 at 15:35. Reason: removed email address

  13. #12
    Platinum Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,545
    Thanks
    7
    Thanked 225 Times in 213 Posts
    MissB, I think your problem is you are using an IP V6 address on your server. Your router won't do the conversion for you to be able to see the address outside your network. To test this I suggest you connect to your router and turn on remote management on port 80 - with a complex password to keep bad people out - then attempt to connect to the router from another location. If you can connect port 80 is OK.
    Now you need an IP V4 address on the server - something like 196.168.0.2 - and then you need to set the router up to pass requests on port 80 to the server IP address.

    cheers, Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •