Can ping servers but cannot connect to them

48,824

Just because you can ping a system or connect to it through a web-browser does not mean you can connect through other methods. Since you are a "newbie" as you put it, ill explain it in layman's terms. Computers use certain ports to communicate with other systems and to allow communication to their own system. Services run on certain ports to allow connections from other computers. For example, when you connect to Google.com, you use a web-browser which sends out a connection to Google.com (connecting to google) on port 80 (Http) or 443 (Https). I put TO GOOGLE there because your system doesn't use port 80 to send the outbound connection, it is connecting TO GOOGLE on port 80. There is a lot of other stuff that goes on in the background (DNS, NAT, etc.) but I'm trying to keep this as simple as possible.

Depending on the network configuration, perhaps port 80/443 (Http/Https) are allowed through (a firewall, VLAN trunk, etc.) but 3389 (RDP) is not. Maybe the server you are trying to RDP into doesn't even allow RDP connections (no port/service listening). Maybe it should but the exception wasn't added to that systems local firewall or perhaps the standard 3389 port has been changed.

There are a variety of factors but the first thing that comes to mind in MY environment at work is trunking. We have over 25 VLAN's on our Cisco Catalyst 6513 switch. One VLAN is for the commons area (students can use systems) and one is for management. Each VLAN is restricted from the other with certain conditions. Now from the commons, I can ping management systems, but if I wanted to connect through RDP, HTTP, SMTP, SSH, etc. I would not be able to because traffic on those certain ports is not allowed to be passed to those systems on the other VLAN. Trunking can also be directional, i.e. from the management VLAN, I can connect to whatever system on whatever port I want (in the commons) but from the commons, only certain kinds of traffic is allowed through (21,22,80,443,135,137,445, etc.)

First, ensure the system you are trying to RDP into has the Remote-Desktop service listening. After that, ensure that there is an exception in the firewall to allow connections to that service. Determine if you are on the same subnet or not. Can other people RDP into the machine you are trying to RDP into? Are you on the same subnet as the people who can connect to that system?

There are numerous other factors but without knowing your environment, there are various factors which could be the issue. Reseeting the TCP/IP, Winsock stack could help, but unlikely the issue. Could be as simple a ipconfig /release /renew /flushdns or could be as complicated as tunneling traffic.

Share:
48,824

Related videos on Youtube

Theomax
Author by

Theomax

Software Developer

Updated on September 18, 2022

Comments

  • Theomax
    Theomax over 1 year

    Sorry in advance if this question is a bit newbi-ish. I downloaded Microsoft Connection Manager and added multiple .rdg files for different servers I need to access. I can browse to only a few of them, but most of them I get the following errors:

    • Unable to decrypt password
    • Cannot establish a connection

    I have checked the passwords and credentials and they appear to be correct (checked against a collegues' settings). I can ping the servers and I get get a reply from them but cannot connect to them through Connection Manager.

    Also, for two of the servers I can navigate to them in the browser (but cannot connect to them in Connection Manager)

    As I know very little about servers and networks, I would like to know how I can investigate this further and find out (and fix) why some of them are connecting and some aren't - especially as I can ping them but not connect to them? The main thing that puzzles me is why I can browse to them in the browser for some of the servers, or ping them when they cannot be connected to in Connection Manager.

    I have seen a few solutions to similar problems on the net that recommend clearing the tcp ip stack; but I'm not sure if this applies to the above. Could this be related to permissions?

    What things can I do to investigate/fix this problem?

    • tony roth
      tony roth over 11 years
      what os's are you connecting to, more then likely its network level auth being required.
  • Theomax
    Theomax over 11 years
    @Blake, thank you for the detailed reply. Yes, other people can access the machine(s) and they appear to have the same environment setup. I will check to see if I am on the same subnet as the other people who can connect to them, I hadn't considered that.
  • Blake
    Blake over 11 years
    Doh, I think I might have over thought this issue. If you are receiving the "Unable to decrypt password" you can either retype the password in the properties and save, and/or select store password in clear text. Im sure this will fix your issue. (Ref: superuser.com/questions/344081/…)
  • Magellan
    Magellan about 11 years
    That sounds more like a rant than a coherent answer.