Jump to content
Forum²

Recommended Posts

Posted

Hey guys-

I am new to most this stuff, just trying to figure it out for my work. I have a domain name being forwarded & masked to myip/ts. Users go to www.mydomain.com and it gets them to the TS Web Access login screen. HOWEVER- on the Remote Desktop tab, in the Connection Options--> Connect to: box, I have to input the IP Address of our site in order for it to allow us to login. Is there a way to setup an alias name so that the users don't have to try to remember an IP Address to log in with instead?

 

So- I'd like them to be able to enter 'aliasname' in the Connect to: box instead of the IP Address of our site. Is this possible?

Thanks for all the help!!!

Posted
When you say that you have to put in the IP address of your site, is that a public IP address or are you talking about having to put in private IP addresses for internal computers? If the address you are putting in is a public IP address, you should be able to create a DNS record with a hostname for that IP address. If your DNS is hosted by someone else, you will have to ask them to make the change.

error.gif.d5558e1634fffc1377d623d36f18c44e.gif

Posted

When you say that you have to put in the IP address of your site, is that a public IP address or are you talking about having to put in private IP addresses for internal computers? If the address you are putting in is a public IP address, you should be able to create a DNS record with a hostname for that IP address. If your DNS is hosted by someone else, you will have to ask them to make the change.

 

Well- I have the site hosted at GoDaddy. I've already got the domain name pointed at the IP Address, so I can go to www.mydomain.com and it pulls it up. HOWEVER- once you get the TS Web Access screen up- it's the 'Connect To' text box that I'm referring to.

 

It's a public IP address. If I put in my domain name in that 'Connect To' text input box, it doesn't work. It only works if I put the public IP address in there. Any ideas?

Posted

Well- I have the site hosted at GoDaddy. I've already got the domain name pointed at the IP Address, so I can go to www.mydomain.com and it pulls it up. HOWEVER- once you get the TS Web Access screen up- it's the 'Connect To' text box that I'm referring to.

 

It's a public IP address. If I put in my domain name in that 'Connect To' text input box, it doesn't work. It only works if I put the public IP address in there. Any ideas?

 

I'm assuming that your terminal server is pointing to your inside DNS server. Is your internal active directory domain also mydomain.com? Do you have a host record on your internal DNS that has the hostname and IP address for www.mydomain.com?

Posted

I'm assuming that your terminal server is pointing to your inside DNS server. Is your internal active directory domain also mydomain.com? Do you have a host record on your internal DNS that has the hostname and IP address for www.mydomain.com?

 

ok, you're really losing me on all that. Can you explain in 'for dummies' terms? I appreciate it!

Posted

ok, you're really losing me on all that. Can you explain in 'for dummies' terms? I appreciate it!

 

No problem.

 

Computers use DNS (domain name system) to resolve host names to IP addresses. When you setup the TCP/IP properties for a network connection, you either specify the DNS server statically, or you set up your DHCP server to give out the DNS server address when it hands out host IP addresses.

 

So, when you type, for example, www.google.com in your browser, your computer sends a query to whatever DNS server it is pointed to and asks what the IP address is. If that DNS server doesn't know, it will usually forward the request up a root DNS server or other server to try to resolve the address. If your computer receives an IP address in response, then it goes ahead and forward the request for the google web page off to that IP address. If it gets no IP address, you get the server cannot be found error in your browser. Thus, when you say that putting the IP address in the terminal server page works, but using the hostname doesn't, it makes me suspect a DNS lookup problem.

 

Now, you say that putting in www.mydomain.com works for external users to get to your terminal server which should be true as you say that you have registered your domain and that host with your provider. So external look up are fine. But when you put the hostname in the terminal server box, that is where it fails. So the terminal server is not connecting the hostname with the IP address.

 

So, the question now is how is your terminal server set up for DNS.

 

If you have a Windows active directory domain structure, then you will have at least one internal server that is running DNS. You can't setup a Windows domain controller without one. So if you have a Windows domain, then your terminal server is probably pointing at your internal DNS server.

 

Now, this wouldn't cause a problem if your internal domain is different from your public domain name. So, your Windows domain could be something like mydomain.local, but all of your public-facing servers are mydomain.com. In that case, when you terminal server asks your DNS server for the IP address of www.mydomain.com, your DNS server says "I don't know, but I only know the addresses for mydomain.local. Let me send that off to try to find the IP address for you." And then it eventually gets a response back from your DNS hosting provider and gives you the correct IP address.

 

But, if your internal domain name is mydomain.com and your public-facing domain name is also mydomain.com, then when your terminal server asks your DNS server for the IP address of www.mydomain.com, your DNS server says "I don't have a record of a host named 'www'. I'm in charge of this domain so if I don't have this record then no one does. Therefore there is no such server." This problem can be overcome by manually entering host records on the internal DNS server for all of your public-facing servers -- basically duplicating all of the entries you have your DNS hosting company make.

 

Anyway, that is all assuming that your internal network is a Windows domain with a DNS server. If you only have this one server, and it is pointing out to a DNS server on the internet somewhere, then there is another problem, but probably still related to DNS.

NAT.thumb.jpg.e5bae85ab7f4427b5230c4e13a06b2e1.jpg

Posted

No problem.

 

Computers use DNS (domain name system) to resolve host names to IP addresses. When you setup the TCP/IP properties for a network connection, you either specify the DNS server statically, or you set up your DHCP server to give out the DNS server address when it hands out host IP addresses.

 

So, when you type, for example, www.google.com in your browser, your computer sends a query to whatever DNS server it is pointed to and asks what the IP address is. If that DNS server doesn't know, it will usually forward the request up a root DNS server or other server to try to resolve the address. If your computer receives an IP address in response, then it goes ahead and forward the request for the google web page off to that IP address. If it gets no IP address, you get the server cannot be found error in your browser. Thus, when you say that putting the IP address in the terminal server page works, but using the hostname doesn't, it makes me suspect a DNS lookup problem.

 

Now, you say that putting in www.mydomain.com works for external users to get to your terminal server which should be true as you say that you have registered your domain and that host with your provider. So external look up are fine. But when you put the hostname in the terminal server box, that is where it fails. So the terminal server is not connecting the hostname with the IP address.

 

So, the question now is how is your terminal server set up for DNS.

 

If you have a Windows active directory domain structure, then you will have at least one internal server that is running DNS. You can't setup a Windows domain controller without one. So if you have a Windows domain, then your terminal server is probably pointing at your internal DNS server.

 

Now, this wouldn't cause a problem if your internal domain is different from your public domain name. So, your Windows domain could be something like mydomain.local, but all of your public-facing servers are mydomain.com. In that case, when you terminal server asks your DNS server for the IP address of www.mydomain.com, your DNS server says "I don't know, but I only know the addresses for mydomain.local. Let me send that off to try to find the IP address for you." And then it eventually gets a response back from your DNS hosting provider and gives you the correct IP address.

 

But, if your internal domain name is mydomain.com and your public-facing domain name is also mydomain.com, then when your terminal server asks your DNS server for the IP address of www.mydomain.com, your DNS server says "I don't have a record of a host named 'www'. I'm in charge of this domain so if I don't have this record then no one does. Therefore there is no such server." This problem can be overcome by manually entering host records on the internal DNS server for all of your public-facing servers -- basically duplicating all of the entries you have your DNS hosting company make.

 

Anyway, that is all assuming that your internal network is a Windows domain with a DNS server. If you only have this one server, and it is pointing out to a DNS server on the internet somewhere, then there is another problem, but probably still related to DNS.

 

 

WOW. That's a lot of info. THANK YOU! I follow *MOST* of it... but not sure how to correct it. This type of stuff really loses me, if you can't tell. Maybe if I describe to you what we have- you can tell me how to fix it?

 

We have a virtual server from GoDaddy (just one server, no others). I, as well as my co-workers, will be connecting to it from home or the office- no internal network, LAN, or anything. It's a Windows 2008 Server. I haven't done any DNS setup, or anything you described on it, other than getting the TS Web Access installed/working.

 

At GoDaddy- I pointed our www.domain.com to the IP Address of our server. If memory serves, I also did forwarding/masking so that it points to *IP ADDRESS*/ts (the url of the TS Web Access page), but looks like the user just typed in www.domain.com and it pulled up the TS Web Access page...

 

When you login via this TS Web Access page, it only recognizes the IP Address. It won't give access if I type in domainname or whatever. Obviously I don't want me/co-workers to have to type in an IP, I want them to be able to type in domainname to be able to login.

 

That's all I know. I haven't done any DNS setup on the server itself. Is that what I need to do here? Can you give me steps on how to check/correct this problem?

 

I sincerely appreciate all the help! Obviously, I've never done this stuff before- but I DO learn pretty quick! Just under a lot of pressure from the boss to get this project completed.

Thanks a TON!!!

Posted

WOW. That's a lot of info. THANK YOU! I follow *MOST* of it... but not sure how to correct it. This type of stuff really loses me, if you can't tell. Maybe if I describe to you what we have- you can tell me how to fix it?

 

We have a virtual server from GoDaddy (just one server, no others). I, as well as my co-workers, will be connecting to it from home or the office- no internal network, LAN, or anything. It's a Windows 2008 Server. I haven't done any DNS setup, or anything you described on it, other than getting the TS Web Access installed/working.

 

At GoDaddy- I pointed our www.domain.com to the IP Address of our server. If memory serves, I also did forwarding/masking so that it points to *IP ADDRESS*/ts (the url of the TS Web Access page), but looks like the user just typed in www.domain.com and it pulled up the TS Web Access page...

 

When you login via this TS Web Access page, it only recognizes the IP Address. It won't give access if I type in domainname or whatever. Obviously I don't want me/co-workers to have to type in an IP, I want them to be able to type in domainname to be able to login.

 

That's all I know. I haven't done any DNS setup on the server itself. Is that what I need to do here? Can you give me steps on how to check/correct this problem?

 

I sincerely appreciate all the help! Obviously, I've never done this stuff before- but I DO learn pretty quick! Just under a lot of pressure from the boss to get this project completed.

Thanks a TON!!!

 

 

OK- I installed the DNS role on the server. I THINK I configured it properly. I did forward zone only, setup a new zone file, did NOT forward requests which allows ROOT DNS lookups... is this right?

Posted

WOW. That's a lot of info. THANK YOU! I follow *MOST* of it... but not sure how to correct it. This type of stuff really loses me, if you can't tell. Maybe if I describe to you what we have- you can tell me how to fix it?

 

We have a virtual server from GoDaddy (just one server, no others). I, as well as my co-workers, will be connecting to it from home or the office- no internal network, LAN, or anything. It's a Windows 2008 Server. I haven't done any DNS setup, or anything you described on it, other than getting the TS Web Access installed/working.

 

At GoDaddy- I pointed our www.domain.com to the IP Address of our server. If memory serves, I also did forwarding/masking so that it points to *IP ADDRESS*/ts (the url of the TS Web Access page), but looks like the user just typed in www.domain.com and it pulled up the TS Web Access page...

 

When you login via this TS Web Access page, it only recognizes the IP Address. It won't give access if I type in domainname or whatever. Obviously I don't want me/co-workers to have to type in an IP, I want them to be able to type in domainname to be able to login.

 

That's all I know. I haven't done any DNS setup on the server itself. Is that what I need to do here? Can you give me steps on how to check/correct this problem?

 

Okay, it sounds like the question may be, then, whether your server is setup to point to anything for DNS.

 

Go to your server's control panel >> Network and Sharing Center >> Network Connections and go into the Properties of the Local Area Connection then highlight the TCP/IPv4 line and click the Properties button. What does it list for DNS servers? If there is nothing listed for a DNS server, you can put in 4.2.2.1. That's a public DNS server hosted by Level 3 Communications and should work.

 

Another way to check that is to go to a command prompt and type "nslookup". It should tell you what the default server is. You can then type www.mytestdomain.com at the prompt and if DNS is working it should return the IP address.

 

 

You may want to run the nslookup first, then if there is no default server, check the TCP/IP settings and add the DNS server if there isn't one, and then go back to nslookup and check again.

 

If nslookup is resolving the address and there are DNS servers configured but the TS page still won't accept the hostname, then there is a different problem.

Posted

ok- here's something odd that I can't understand...

 

At GoDaddy- they assigned an IP Address of our server. Now, I pointed the domain name to that IP Address/ts, and it works great. HOWEVER- when I PING that domainname.com, it gives me a COMPLETELY different IP Address than the one GoDaddy assigned our server.

 

NOW- If I Ping the IP Address that GoDaddy Assigned us- the request times out. That just doesn't make any sense to me. The server is up/running perfectly fine. What am I missing?

Posted

OK- I installed the DNS role on the server. I THINK I configured it properly. I did forward zone only, setup a new zone file, did NOT forward requests which allows ROOT DNS lookups... is this right?

 

That sounds ok so far. You will need to check and make sure that the server is setup to point to itself as the DNS server now that you have added that role. Then you will also need to add a New Host record in the forward lookup zone for www.mydomain.com with the public IP address that you're using.

Posted

ok- here's something odd that I can't understand...

 

At GoDaddy- they assigned an IP Address of our server. Now, I pointed the domain name to that IP Address/ts, and it works great. HOWEVER- when I PING that domainname.com, it gives me a COMPLETELY different IP Address than the one GoDaddy assigned our server.

 

NOW- If I Ping the IP Address that GoDaddy Assigned us- the request times out. That just doesn't make any sense to me. The server is up/running perfectly fine. What am I missing?

 

Unfortunately, it's hard to say for sure, but probably has to do with how GoDaddy runs its hosted server farm. It is likely that they are doing some load-balancing and forwarding which is what causes the ping addresses to be weird. You can see similar results from other large entities like Google and Amazon. For pinging directly to your IP address, they may have a firewall or filter to block ping by default. Sadly, these make diagnosing network issues difficult. You may be able to ask them if they can allow pings to your public IP address, at least for diagnostic purposes until you get your site up and running.

Posted

Okay, it sounds like the question may be, then, whether your server is setup to point to anything for DNS.

 

Go to your server's control panel >> Network and Sharing Center >> Network Connections and go into the Properties of the Local Area Connection then highlight the TCP/IPv4 line and click the Properties button. What does it list for DNS servers? If there is nothing listed for a DNS server, you can put in 4.2.2.1. That's a public DNS server hosted by Level 3 Communications and should work.

 

Another way to check that is to go to a command prompt and type "nslookup". It should tell you what the default server is. You can then type www.mytestdomain.com at the prompt and if DNS is working it should return the IP address.

 

 

You may want to run the nslookup first, then if there is no default server, check the TCP/IP settings and add the DNS server if there isn't one, and then go back to nslookup and check again.

 

If nslookup is resolving the address and there are DNS servers configured but the TS page still won't accept the hostname, then there is a different problem.

 

ok- here you go-

 

Did the command prompt nslookup thing-

it says Default Server: ip-208-109-188-8.ip.secureserver.net

Address: 208.109.188.8

 

--> THIS IS NOT the ip address of my server, btw...

 

then I typed www.mydomain.com-->

Default Server: ip-208-109-188-8.ip.secureserver.net

Address: 208.109.188.8

 

Non-authoritative answer:

Name: mydomain.com

Address: xx.xxx.xxx.xxx *NOTE- this is NOT the IP of my server! No idea what this is)

Aliases: www.mydomain.com

 

 

THEN I did the other thing you described...

It shows 'Use the following IP Address:

IP Address: 10.0.0.1

Subnet mask: 255.255.255.0

Dafault Gateway: 10.0.0.254

 

Use the following DNS Server address:

Preferred DNS Server: 208.109.188.8

Alternative DNS Server: 208.109.188.9

**(again, neither of these are my server's IP Address)

 

 

Any ideas?

Posted

That sounds ok so far. You will need to check and make sure that the server is setup to point to itself as the DNS server now that you have added that role. Then you will also need to add a New Host record in the forward lookup zone for www.mydomain.com with the public IP address that you're using.

 

Oh man, this is WONDERFUL help! I cannot thank you enough! My head is spinning now- seriously. LOL. How do I go about doing this stuff? ie- pointing the server to itself as the DNS server? I THINK I did already add a New Host Record in the forward zone... checking now...

 

ok- in the forward zone record... I have NONE for Dynamic Updates.

SOA I didn't touch anything- but it has serial as '4', a name for primary server (I believe that's the name of the actual machine we gave it), responsible person is hostmaster (again, didn't touch anything in here either).

Name Servers I have 2 listed- both are pointing to my IP Address GoDaddy Assigned us.

WINS is blank

Zone Transfers: Allow Zone Transfers, only to servers listed on the Name Servers tab

--> That's it in that window

 

Back in the Server Manager window, I have a sub-folder underneath the new forward zone folder titles 'com'. I assume that's from the NS I assigned it- mydomain.com???

 

So, ASSUMING that's all right- how do I point the server to itself for the DNS Server?

Thanks!!!

Posted

ok- here you go-

 

Did the command prompt nslookup thing-

it says Default Server: ip-208-109-188-8.ip.secureserver.net

Address: 208.109.188.8

 

--> THIS IS NOT the ip address of my server, btw...

 

then I typed www.mydomain.com-->

Default Server: ip-208-109-188-8.ip.secureserver.net

Address: 208.109.188.8

 

Non-authoritative answer:

Name: mydomain.com

Address: xx.xxx.xxx.xxx *NOTE- this is NOT the IP of my server! No idea what this is)

Aliases: www.mydomain.com

 

 

THEN I did the other thing you described...

It shows 'Use the following IP Address:

IP Address: 10.0.0.1

Subnet mask: 255.255.255.0

Dafault Gateway: 10.0.0.254

 

Use the following DNS Server address:

Preferred DNS Server: 208.109.188.8

Alternative DNS Server: 208.109.188.9

**(again, neither of these are my server's IP Address)

 

 

Any ideas?

 

 

Okay, that's good info and shows what is probably the problem. When you are putting in www.mydomain.com into the TS window, the server is sending it off to that IP address instead of processing it locally.

 

First, add the host record in DNS on your server for www.mydomain.com. This page shows how to do on an earlier operating system, but it hasn't really changed in Windows 2008. Then in the TCP/IP properties where it shows the two DNS servers, change the primary DNS Server to 127.0.0.1 -- that's means to look at itself for the IP address. After making those changes, try the nslookup again.

Posted

ok- on Step 6 from that link you posted- I actually used 255.255.255.255. When I tried to use my given IP Address- it said it couldn't do it because the Reverse Lookup something or other couldn't be found. It accepted 255.255.255.255 tho. Is that ok?

 

Changed the primary DNS as you said. Now the nslookup says:

Default Server: localhost

Address: 127.0.0.1

 

Is that right? Are we done and working? LOL- thanks... let me know where to go from here.

Posted

ok- just logged OUT of remote desktop- and tried to log back in...

 

In the Connect To: box on the TS Web Access screen- I typed in 'mydomain.com'. It took a while, then came back with this message-

 

'This computer can't connect to the remote computer because the Terminal Services Gateway server address is unreachable or incorrect. Type a valid server address'

 

What's that mean?

 

Now- just as before, if I type in the IP Address in the 'Connect To:' box- it works perfectly. Ideas???

Posted

ok- on Step 6 from that link you posted- I actually used 255.255.255.255. When I tried to use my given IP Address- it said it couldn't do it because the Reverse Lookup something or other couldn't be found. It accepted 255.255.255.255 tho. Is that ok?

 

 

No, that won't work. 255.255.255.255 is a broadcast address, so again the server will be sending your connection off into the ether rather than processing it itself. Try using 127.0.0.1 there as well.

 

 

ok- just logged OUT of remote desktop- and tried to log back in...

 

In the Connect To: box on the TS Web Access screen- I typed in 'mydomain.com'. It took a while, then came back with this message-

 

'This computer can't connect to the remote computer because the Terminal Services Gateway server address is unreachable or incorrect. Type a valid server address'

 

What's that mean?

 

Now- just as before, if I type in the IP Address in the 'Connect To:' box- it works perfectly. Ideas???

 

You shouldn't be typing 'mydomain.com' but rather the whole fqdn for your server, which I think you said earlier was 'www.mydomain.com'.

 

If we're still having problems setting up dns on your server, it may be faster to remove the DNS role and find another DNS server that resolves your host properly. There obviously are some as you can connect to the terminal server from your remote client machines.

Posted

No, that won't work. 255.255.255.255 is a broadcast address, so again the server will be sending your connection off into the ether rather than processing it itself. Try using 127.0.0.1 there as well.

 

 

 

 

You shouldn't be typing 'mydomain.com' but rather the whole fqdn for your server, which I think you said earlier was 'www.mydomain.com'.

 

If we're still having problems setting up dns on your server, it may be faster to remove the DNS role and find another DNS server that resolves your host properly. There obviously are some as you can connect to the terminal server from your remote client machines.

 

 

ok- that's not working. Here's an error I'm getting once I attempt either www.mydomain.com or mydomain.com-

The computer can't connect to the remote computer because the Terminal Services Gateway Server address is unreachable or incorrect.Type a valid server address

 

Now I type in either one (www.mydomain.com or mydomain.com) in the connect to: box, IE pops up a window talking about the certificate and asking if I want to accept it. I do. Then it pops up a DIFFERENT login box asking for my credentials in the form of a login/password. Once I try various logins on THAT screen, it pops up that error message.

 

When I google that error message, other people are talking about the certificate and port forwarding this and that. I haven't forwarded any ports, and I believe the certificate I setup was something to do with a 120 day free certificate- and I would need to purchase a different certificate after 120 days. I have no idea what all that means... but maybe that helps describe the problem?

 

I guess I don't get why it works perfectly when using the IP Address in the 'Connect To:' box, but not a DNS. Weird. Any ideas?

Thanks soo much!!!

Posted

Okay, I've gone through setting up ts web access on a virtual server just to see it fresh and think I've probably led you through more than we needed to do.

 

At this point, why don't you go ahead and set the primary dns on your server back to what it was originally set to, 208.109.188.8, and let's look at this afresh.

 

 

Let me make sure that I understand what you are doing, too.

 

1) You have one hosted virtual server that is running terminal services and TS Web Access.

2) You and users access that server by going to http://www.mydomain.com/ts. This works and you get to the TS Web Access site.

3) When you click the Remote Desktop button and put www.mydomain.com in the Connect to: box and click Connect, you get a certificate error.

4) When you click Yes to connect despite the error, you get a login box. Attempts to login fail.

5) If in step 3 you put in the IP address rather than www.mydomain.com logging in works.

 

Is that a correct summary so far?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...