<div dir="ltr">Just a quick FYI that this issue has been solved.<div><br></div><div>The root cause was an invalid class B subnet mask on the machine acting as the RDP server. This mask made the machine think that the entire 66.213 range was on the local network, thus responses to RDP connections from 66.213 clients were not being routed out through the gateway.</div><div><br></div><div>Huzzah for closure! :)</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><pre cols="72"><font face="arial, helvetica, sans-serif"><span style="font-size:12.8000011444092px">Karl Jendretzky
IT Manager - Ohio Public Library Information Network
(614) 728-1515
<a href="mailto:karl@oplin.ohio.gov" target="_blank">karl@oplin.ohio.gov</a></span></font><br></pre></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Mon, Jan 23, 2017 at 12:21 PM, Chad Neeper <span dir="ltr"><<a href="mailto:cneeper@level9networks.com" target="_blank">cneeper@level9networks.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">A thought though...<div><br></div><div>It sounds like you're trying to RDP to a server(s) at one single site. You've established it works from outside the OPLIN network, but not from three sites within the OPLIN network. Has there been a change to the firewall/NAT rules at the RDP server site?</div><div><br></div><div>Also, is the connection establishing, but not staying established?</div><div><br></div><div>You could enable firewall logging on the firewall exception that permits RDP to your server. I'm assuming your RDP server is behind a network perimeter firewall. That's the location I'd start with and enable logging. You might be able to discern if there is even a RDP connection attempt from your three test sites within the OPLIN network. If there is, you might be able to discern a reason for the abort. If you're familiar with packet tracing, that would be useful here to see exactly what's going on and where/when the failure occurs. If a connection has established, the packet trace could show you which device broke the connection or failed to respond properly, etc.</div><div><br></div><div><a href="https://en.wikipedia.org/wiki/Wireshark" target="_blank">https://en.wikipedia.org/wiki/<wbr>Wireshark</a><br></div><div><a href="https://www.wireshark.org/" target="_blank">https://www.wireshark.org/</a><br></div><div><br></div></div><div class="gmail_extra"><span class=""><br clear="all"><div><div class="m_2681441840525746814gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>______________________________<br><b>Chad Neeper</b><br><font size="1">Senior Systems Engineer</font><br><br><b>Level 9 Networks</b><br><font size="1"><a href="tel:(740)%20548-8070" value="+17405488070" target="_blank">740-548-8070</a> (voice)<br><a href="tel:(866)%20214-6607" value="+18662146607" target="_blank">866-214-6607</a> (fax)</font><br><br><font size="1"><i>Full IT/Computer consulting services -- Specialized in libraries and schools</i></font><br></div></div></div></div>
<br></span><div><div class="h5"><div class="gmail_quote">On Mon, Jan 23, 2017 at 12:10 PM, Chad Neeper <span dir="ltr"><<a href="mailto:cneeper@level9networks.com" target="_blank">cneeper@level9networks.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>It might be wiser to run RDP over a VPN rather than exposing your RDP servers directly to the world. That seems rather risky to me:</div><div><a href="https://www.google.com/search?q=rdp+over+the+internet+risks&oq=rdp+over+the+internet+risks&aqs=chrome..69i57.4775j0j7&sourceid=chrome&ie=UTF-8" target="_blank">https://www.google.com/search?<wbr>q=rdp+over+the+internet+risks&<wbr>oq=rdp+over+the+internet+risks<wbr>&aqs=chrome..69i57.4775j0j7&<wbr>sourceid=chrome&ie=UTF-8</a><br></div><div><br></div><div>I can't speak towards your particular issue, though. In my own case, I run site-to-site VPNs and my endpoint is outside OPLIN, so I miss your issue on two counts. I just wanted to mention the security risk...(which you may have already considered and mitigated.)</div></div><div class="gmail_extra"><br clear="all"><div><div class="m_2681441840525746814m_4418321873116511851gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>______________________________<br><b>Chad Neeper</b><br><font size="1">Senior Systems Engineer</font><br><br><b>Level 9 Networks</b><br><font size="1"><a href="tel:(740)%20548-8070" value="+17405488070" target="_blank">740-548-8070</a> (voice)<br><a href="tel:(866)%20214-6607" value="+18662146607" target="_blank">866-214-6607</a> (fax)</font><br><br><font size="1"><i>Full IT/Computer consulting services -- Specialized in libraries and schools</i></font><br></div></div></div></div>
<br><div class="gmail_quote"><div><div class="m_2681441840525746814h5">On Mon, Jan 23, 2017 at 11:50 AM, <span dir="ltr"><<a href="mailto:jdarby@mrcpl.org" target="_blank">jdarby@mrcpl.org</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="m_2681441840525746814h5"><font face="arial" size="2"><p style="margin:0;padding:0;margin:0;padding:0;font-family:arial;font-size:10pt;word-wrap:break-word">Is anyone else having connection issues with RDP from other libraries on the OPLIN network? We have experienced and inability to connect from Upper Arlington PL, Crestline PL, and Ashland PL to Mansfield/Richland County PL, but have had no issues from locations not on the OPLIN network. </p>
<p style="margin:0;padding:0;margin:0;padding:0;font-family:arial;font-size:10pt;word-wrap:break-word"> </p>
<p style="margin:0;padding:0;margin:0;padding:0;font-family:arial;font-size:10pt;word-wrap:break-word">R/S </p>
<p style="margin:0;padding:0;margin:0;padding:0;font-family:arial;font-size:10pt;word-wrap:break-word">John R. Darby</p>
<p style="margin:0;padding:0;font-family:'times new roman';font-size:12pt;word-wrap:break-word">Information Technology Department</p>
<p style="margin:0;padding:0;font-family:'times new roman';font-size:12pt;word-wrap:break-word">Mansfield /Richland County Public Library</p>
<p style="margin:0;padding:0;font-family:'times new roman';font-size:12pt;word-wrap:break-word"><a href="tel:(419)%20521-3152" value="+14195213152" target="_blank">419-521-3152</a></p>
</font><br></div></div>______________________________<wbr>_________________<br>
OPLINTECH mailing list<br>
<a href="mailto:OPLINTECH@lists.oplin.org" target="_blank">OPLINTECH@lists.oplin.org</a><br>
<a href="http://lists.oplin.org/mailman/listinfo/oplintech" rel="noreferrer" target="_blank">http://lists.oplin.org/mailman<wbr>/listinfo/oplintech</a><br>
<br>
<br></blockquote></div><br></div>
</blockquote></div><br></div></div></div>
<br>______________________________<wbr>_________________<br>
OPLINTECH mailing list<br>
<a href="mailto:OPLINTECH@lists.oplin.org">OPLINTECH@lists.oplin.org</a><br>
<a href="http://lists.oplin.org/mailman/listinfo/oplintech" rel="noreferrer" target="_blank">http://lists.oplin.org/<wbr>mailman/listinfo/oplintech</a><br>
<br>
<br></blockquote></div><br></div>