Home Forums Remote Web Access - iffy.

Hi,

I'm having trouble accessing one of my VMWare workstations via Remote Web Access. There are two VM workstations. One is exhibiting no problems. It's a Windows 7 Pro x64 machine. The one I'm having problems with is a Win 7 Pro x86, although I don't think that's the issue.

I even had trouble with RDC'ing into this machine from within our physical network. However, when I assigned a static IP to it and tried RDC'ing from within the network using the IP and not the machine name, it connected fine. The problem is, trying to connect via Remote Web Access still isn't working.

I should note that this workstation is hosting the iTap app, if that makes any difference.

The second question might be: Is Remote Web Access the tool of choice for you network admins? It's never been spot-on for us. Something is always going wonky with it. I'm wondering if something like Teamviewer is a more robust solution. Not as elegant and uniform, but more dependable?

Any thoughts?

Remote Web Access needs the DNS entry for the computer you're trying to RD into. So assume you set a static IP, your RD Gateway server has no way of knowing what that is since you set it statically on that machine. RDP Gateway basically authenticates using your domain credentials then finds the corresponding address for the LAN computer using the DNS entry. It's better to use DHCP Reservations instead of Static IPs if you need a fixed address. Also, you can also use MAC Address filtering (as Indy often recommends) while you're at it since you need the MAC address to make a DHCP reservation.

RDP seems to work pretty flawlessly in the offices I've set up.

Personally, I like to keep a multitude of remote access methods in case of emergency.
1. IPMI (Hardware Level Remote Control, only used in extreme situations, often only on the server)
2. LogMeIn (doesn't need static IPs/auto syncs in case something happens to the Dynamic DNS client/IP Adress., I have Central and Ignition, mainly used for support/showing people where stuff is)
3. RDP (main thing I use to work on the server, fastest and easiest)

Your issue seems to be a DNS problem. The machine name is not resolving to the IP Address, hence you're not able to connect. You can set a reservation/double check your settings. Make sure the that SBS is the DNS Server. In Essentials, they often recommend using the Router's DHCP so make sure the IP Address is the SBS DNS Server not the router.

E.g.
Computer IP 192.168.1.11
Gateway 192.168.1.1 (Router's IP)
DNS Server 192.168.1.2 (SBS Essentials Server)

Are you NICs in bridged mode or NAT in the VMs? Make sure they are in bridged mode so they are getting IPs from the external DHCP server not the VM host.

- Sorry - I was indeed using DHCP/Mac Address reservations via the router.
- Bridged mode, and "Replicate physical network connection state" is unchecked.
- Port 443 is being forwarded to the Server IP address (again, DHCP reserved via Mac Address).

Apparently, some of this is set up right because I can access some of the workstations, but not others. So at the server, the request to patch me through Workstation "X", is sometimes being returned as, "I have no idea who that is." So yes, it appears to be a DNS problem. So given the above parameters that I've set, where do I start poking around?

Are you using the FQDN when your RDP? E.g. exam1.domain.local or just exam1. Ping exam1 and see what IP it resolves to.

If you've already reserved the DHCP entry on the router, make a DNS entry in SBS 2011 for the computers with the issues. This is a common occurrence when you're not using the DHCP in SBS 2011. The connect utility is supposed to do this automatically.

Pinging results all over the map. Some are reachable, and some are not, regardless of FQDN. And there doesn't appear to be a common theme. Some have IP addresses set to Auto, and some have DHCP-reserved via Mac Address (through the router).

At this point, I'm hoping swapping out the router with the DIR-655 will solve the problem, but I'm not sure...

I'll try making a DNS entry in the SBS 2011 as well tomorrow.

It's definitely an issue with DNS then. Happens all the time. Especially on P2P, the NetBios names often don't resolve between versions of Windows. Sometimes even with the same versions of windows. Pretty sure adding DNS entries to SBS 2011 will resolve your issues. I would consider moving DHCP to the SBS too. There's a video tutorial on how to do this in the General Discussion Page.

I will try adding the DNS entries.

Do you use the connector software? I mean - I'm sure a lot of this is my inexperience and incompetence (lol), but the connector software has given me an inordinate amount of grief, and not only with regards to this network.

Would you recommend having SBS assign the IP addresses instead of the DIR-655? Is that the practice you follow on your small networks?

I do use DHCP on the server over the router. Like I said earlier, the router is basically an internet gateway for me. I've noticed all of my name resolution issues disappear when I use Windows DHCP and DNS over a home router's.

If you want an "enterprisey" router, you should check out DD-WRT enabled routers. Those will give you lots of advanced options.

I usually use the connect utility. Hasn't really given me many problems with the exception one case where the person had Symantec antivirus and it shut off an important service for name resolution even after uninstall. Took hours and hours to figure out that was it. But manual joining wasn't working either so I wouldn't blame it on the connect utility. I've pretty much made it standard practice to start fresh when doing installs (it's a prerequisite since I don't want to waste hours correcting every issue along the way). When upgrading, the installs are often "dirty" since they weren't setup properly in the first place. Rather than spending hours and hours isolating the issue, I go for a full reformat/fresh start with one of my clean images.

Well, I started poking around the DNS area, and it was a mess.

- Multiple entries for the same computer.
- Old computers that were no longer on the network.
- Addresses that weren't even in our pool.

Once again, you saved the day.

Glad to hear everything is working. Yea, SBS Essentials tries to fit in that middle ground, but unless you're using one of their certified routers, things get lost in translation. Of course you could always just setup DHCP on the Server, but they thought that was too complex. There's a video tutorial if you wish to go that route however.

These are some of the ones they recommend:

Late to the party, but wanted to add some additional information. Just as one begins to understand the domain controller and DNS and the server being a static IP with its also being the DHCP server, along comes SBS 2011 Essentials and changes everything around. The default with Essentials is to use the router as the DHCP server essentially making the server a client and using the router to access the Internet.

However, Best Practices will recommend that after the beginning, one assign a static IP address x.2 being the safest to the server, once again making it king of DHCP and DNS. Interestingly, SBS 2003 and 2008 uses forwarders to send requests for web sites to your ISP. But, in the beginning, it forwards them to the routers' IP.

Here are three blogs that will help with some of the issues.

Running DHCP Server on SBS 2011 Essentials With a Static IP
http://blogs.technet.com/b/sbs/arch...bs-2011-essentials-with-a-static-ip.aspx

The Basics of Local DNS for Small Business Server 2011 Essentials
http://sbs.seandaniel.com/2011/06/basics-of-local-dns-for-small-business.html

Windows Small Business Server 2011 Essentials Build document
http://social.technet.microsoft.com...bs-2011-essentials-build-info-en-us.aspx

@Gobruins I wasn't referring to you at the beginning of this post.

I absolutely cringe at making a router the DHCP server. That is like making a medical student head of the department of surgery. Sorry Sandeep.

As do I, that's why in the SBS Essentials tutorials I added that section on adding DHCP to SBS Essentials.

So after deploying some of the tips I just picked up from you guys, the network seems to be snappier in general. Remote Web Access seems to be faster, and so far more reliable (fingers crossed).

I don't know if the Dlink Dir-655 is on that list, but I feel like we made a good choice (for us anyway - small office setting). With over 2000 reviews on Amazon, help is everywhere. With IT, sometimes there is safety and comfort in numbers, even if it's not cutting edge. I also bought the Dlink 24-port router on your recommended list, and I'm happy with the decision as well.

I just let SBS Essentials configure the router via UPnP. Afterwards, I assumed that there would be entries in the Port Forwarding section, but didn't find any. The other router I considered was the WRT54GL (flashed with DD-WRT), but the wireless performance might have suffered.

Once the dust has settled, I am probably going to move the DHCP function over to the server.

Once again - much thanks.

Did you get PoE. Glad everything else is OK.

UPnP doesn't add entries to the portforwarding table. Basically SBS tells the router I needs these ports open, so it opens them whenever SBS asks. (Which it does 24/7) I would add the entries to the port forwarding table just to be safe and make sure the SBS has a reserved IP.

Not sure if this was directed at me, but no, I didn't get a model that does PoE. I picked up this one:

DLink Router

In the future - if I were to pick up a more advanced router (Cisco), what specific models should I be looking at?

I SCREWED UP AS I WAS REFERRING TO A SWITCH. But I was trying to help you. That's a fine router, and if you ABSOLUTELY know you will never go VoIP, then you don't need Power over Ethernet. I knew I would so I paid the extra.

TO BE SURE, I AM TALKING ABOUT A SWITCH SO I AM REALLY SPEAKING IGNORANTLY, LOL.

So, I wouldn't worry about it for a router as it doesn't apply. My switch costs about a $1,000, probably would have been around $700 with no PoE.

It is nice, because it powers all of the phones so you don't have to plug each phone in directly. By the time you pay for all of the adapters, it kind of pays for itself. My office is shared with another office, and we have the same VoIP. His has wires everywhere as he doesn't have more than one drop and no PoE. With PoE, you only need one nice UPS for the switch. Without it, you need it for each phone which, of course, can be shared with the computer.

Like those who don't do two or three drops for each computer, those who don't do PoE, regret it later. I did two drops in my office, and now I have four and am still using a five port switch. Not all five ports. I would say two for each room/computer, three or four for your office, and five or six for your front office. Remember, you end up getting a networked MFC, a networked Star printer, a networked printer you didn't think you would need. Then another computer, and you are adding installing Ethernet jacks everywhere.

Something to think about down the road.

How about Cable vs. DSL? Is cable that much better? If yes, is there one provider that is better than another. Right now, we pay Verizon about $45/mo for 3mbps down / 768K up.

The VOIP also sounds very interesting. But how would you handle a situation where you were w/o power for say....a couple of days?

So, cable is generally faster, and I feel more reliable. It's hard to say if Roadrunner vs Comcast, etc. is better. Depends what section you are in. Speed is up to you, but 768 up is fine, but if you use the cloud, it probably isn't quite fast enough or at least I doubt you will like the speed.

Cable, as you know, is shared so the afternoon kids playing online Mortal Combat will slow it down, but I have never noticed this to be a problem at those speeds. DSL or likely SDSL will give you your own line with speeds now that are usually the same up and down. It also depends how far you are from the central office as to speeds
AND if you can even get it. It has improved a lot lately as far as how far you can get it. I would guess around seven miles now from the CO where it used to be about 1.5, but it all depends.

The speeds you are quoting sound a lot like private cable and not commercial. First, they may not want you to use non-commercial if they know you are commercial. Generally speaking, if you want a static IP, you would need commercial and those generally come with 5 static IPs and two non-useable at each end. If you are going to use DHCP, you will want commercial. Overall, in my opinion, those are speeds from five years ago. I have 50Mb/s down and around 10 up. The other thing which goes back to PoE if thinking about VoIP, you are going to want at least 1Mb/s up. You can get away with 1Mb/s if you use DSL. Could run into trouble using cable at that speeds. Either way, you will likely have QoS or Quality Of Service which will govern the speed so that voice always takes precedence over data.

Please tell me more about your VoIP setup. Provider, hardware, etc.

Well, there are a number of ways to do it. You can set up a VLAN (Virtual LAN) on your switch and/or run it over your existing LAN splitting it with another router. Most would go with a VLAN. The host company could set that up. We just happened to have enough drops and got free DSL for one up and one down so no real need for QoS.

So basically, got a DSL modem to a router to a switch. Ran all the runs to Ethernet jacks for each phone. Once plugged in, they have power, boot up and find the server where it's hosted. You could host it yourself, but I think that would be a bit much. So, all calls go to the host company and are routed to your network. You just want to make sure that the voice is very clean, which means they need to show there are no loss of packets. It is highly recommended that you keep you existing POTS running until you know the VoIP will be perfect. I would talk to at least three people who use the company and call support before purchase five or six times at all hours of the day and night. Our support answers in about ten seconds or less.

You manage it using your browser from home or at work. Each user has a portal as well. It's like Google Voice on steroids. Keep in mind that it isn't like paying for three phone lines and then putting as many phones as you want on the line. You basically purchase the phone and then pay a monthly charge for that phone or "seat." Of course, the cool thing is if you go to a conference, you can take the phone with you, plug it into an Ethernet jack and it is like you are in the office. If you don't mind paying the extra $18.00 per month (which would be crazy), you could keep one at home and actually call someone on their extension. (Not even dial the phone).

Perhaps an idea of the pricing would be good for a hosted PBX. They are pretty universal and do not typically depend on your location. A popular one called Ring Central is $30 per month per device. Much like cell phone providers VoIP providers subsidize the cost of the phone to get you in a contract. I believe they have a buy 1 IP phone, get 1 free deal going on now. Other "hidden" costs for you would be the price of a PoE Switch and a internet connection (with sufficient bandwith and reliability). Most of the phones have a pass through which means you can hook up your phone and computer using a single ethernet line from the wall. (Hint hint, make sure you get the gigabit version of the phones in that case). The phone will automatically prioritize its traffic over the computers eliminating the need to VLAN. Also most VoIP phones have a special packet which tells even the most basic of networking devices to prioritize its traffic. Also looks pretty clean.

However, if you do it as Bert does with two separate ISPs, then you need VLANs or separate physical switches. Usually people use VLANs when they have an onsite PBX/non hosted VoIP. Note he has the freedom to switch between a hosted VoIP service and an onsite one with SIP trunks as a result of his isolated setup.