Sorry in advance if this question is a bit newbi-ish. I downloaded Microsoft Connection Manager and added multiple .rdg files for different servers I need to access. I can browse to only a few of them, but most of them I get the following errors:
- Unable to decrypt password
- Cannot establish a connection
I have checked the passwords and credentials and they appear to be correct (checked against a collegues' settings). I can ping the servers and I get get a reply from them but cannot connect to them through Connection Manager.
Also, for two of the servers I can navigate to them in the browser (but cannot connect to them in Connection Manager)
As I know very little about servers and networks, I would like to know how I can investigate this further and find out (and fix) why some of them are connecting and some aren't – especially as I can ping them but not connect to them? The main thing that puzzles me is why I can browse to them in the browser for some of the servers, or ping them when they cannot be connected to in Connection Manager.
I have seen a few solutions to similar problems on the net that recommend clearing the tcp ip stack; but I'm not sure if this applies to the above. Could this be related to permissions?
What things can I do to investigate/fix this problem?
Best Answer
Just because you can ping a system or connect to it through a web-browser does not mean you can connect through other methods. Since you are a "newbie" as you put it, ill explain it in layman's terms. Computers use certain ports to communicate with other systems and to allow communication to their own system. Services run on certain ports to allow connections from other computers. For example, when you connect to Google.com, you use a web-browser which sends out a connection to Google.com (connecting to google) on port 80 (Http) or 443 (Https). I put TO GOOGLE there because your system doesn't use port 80 to send the outbound connection, it is connecting TO GOOGLE on port 80. There is a lot of other stuff that goes on in the background (DNS, NAT, etc.) but I'm trying to keep this as simple as possible.
Depending on the network configuration, perhaps port 80/443 (Http/Https) are allowed through (a firewall, VLAN trunk, etc.) but 3389 (RDP) is not. Maybe the server you are trying to RDP into doesn't even allow RDP connections (no port/service listening). Maybe it should but the exception wasn't added to that systems local firewall or perhaps the standard 3389 port has been changed.
There are a variety of factors but the first thing that comes to mind in MY environment at work is trunking. We have over 25 VLAN's on our Cisco Catalyst 6513 switch. One VLAN is for the commons area (students can use systems) and one is for management. Each VLAN is restricted from the other with certain conditions. Now from the commons, I can ping management systems, but if I wanted to connect through RDP, HTTP, SMTP, SSH, etc. I would not be able to because traffic on those certain ports is not allowed to be passed to those systems on the other VLAN. Trunking can also be directional, i.e. from the management VLAN, I can connect to whatever system on whatever port I want (in the commons) but from the commons, only certain kinds of traffic is allowed through (21,22,80,443,135,137,445, etc.)
First, ensure the system you are trying to RDP into has the Remote-Desktop service listening. After that, ensure that there is an exception in the firewall to allow connections to that service. Determine if you are on the same subnet or not. Can other people RDP into the machine you are trying to RDP into? Are you on the same subnet as the people who can connect to that system?
There are numerous other factors but without knowing your environment, there are various factors which could be the issue. Reseeting the TCP/IP, Winsock stack could help, but unlikely the issue. Could be as simple a ipconfig /release /renew /flushdns or could be as complicated as tunneling traffic.