[dba-Tech] VPN and Remote Desktop and Terminal Server

Steve Erbach erbachs at gmail.com
Wed Apr 27 17:37:27 CDT 2011 

Dear Group,

I'm in a bit of a bind due to something stupid I did at a client's
site yesterday and I wonder if you can help me.

Because I reset the cable modem yesterday to attempt to reset the
security code (since my client had, apparently, lost it) I also did
something to the ability to dial in via VPN and Remote Desktop to the
Terminal Server on the LAN.

The former network consultant (now very likely in jail for various
mopery and dopery) did not leave a trail of what he did in a number of
areas on the LAN.  I'm now the de facto network admin for this Windows
Server 2003 Enterprise Edition server.

The consultant had used DynDNS.org to set up a free DNS account to
connect to the company VPN.  When the modem was reset (Gosh!  Who did
that?) the IP address was reset, too.  Since I don't know the login or
password for the DynDNS.org account, I couldn't simply change it
there...so I set up another DNS account using my own DynDNS account.
I picked a domain name for the new IP address and *I can ping it
OK*...but I can't connect to the company VPN.

For whatever reason, our own cable modem at home acquired a new IP
address, too, at about this same time...so I'm wondering if the
company VPN is disallowing connections from a "foreign" IP address.

So my FIRST QUESTION is, where do I look in Windows Server 2003 to
determine if there are only certain IP addresses that are allowed to
dial in via Remote Desktop?

I talked with the cable company about another possibility: that maybe
the modem/router itself was blocking access to port 3389 (the Remote
Desktop port) since I bone-headedly reset the darned thing.  The tech
support guy said that their equipment doesn't block ANY Internet
ports.  I thought this odd since our own little D-Link router here at
home blocks everything by default UNLESS you tell it otherwise.
That's what I've done to allow us to Remote Desktop into our own PCs.

So my SECOND QUESTION is, was the cable support guy perhaps not giving
me the straight scoop about the modem/router's being open to
everything?

One other thing.  The IPCONFIG /all report on the server used to show
that the Default Gateway was some IP address like 67.43.something.
Now the Default Gateway shows 192.168.something...a local address.

So my THIRD QUESTION is, might that big change in Default Gateway IP
address be contributing to our problems resetting the Remote Desktop
capability?

Sorry for all the questions, but I only have a fairly mediocre
knowledge of IP networking.  Enough to be a danger to myself and
others (like, by resetting modems and stuff)...but not enough to solve
problems like these.

Thank you all.

Regards,

Steve Erbach
Neenah, WI

More information about the dba-Tech mailing list