James.Oody

Remote Web Access From Within My Network Isn't Working

33 posts in this topic

Hello,

I seem to be having an issue that either no one else ever had or no one knows how to fix. I've researched several different forums and can't find a definite answer. I've accepted the fact that i'm not an expert and could be doing something wrong that is painfully obvious to others. Here's what is happening.

I got Windows Home Server 2011 installed on a fairly new Dell desktop. It far exceeds the hardware requirements. I added user accounts to correspond to the accounts on the computers that i was going to install the connector software on. I installed the connector software on my desktop and my laptop. The WHS Dashboard works on both machines no problem. Most of the functions on the Launchpad work too, except for one. On neither my laptop or my desktop I can't get the Remote Web Access function to work. When I click it, it starts my default browser, attempts to connect to https://SERVERNAME.homeserver.com, but returns an "Internet Explorer cannot display the webpage" message.

post-67836-0-50138500-1317145996_thumb.j

The only way to get the page to load is to use the IP of the server in the address bar. When I do this I get a certificate error.

post-67836-0-47446000-1317146011_thumb.j

Researching this issue I was told that because the certificate is self signed I'll always get a certificate error. Anyways, I click "Continue to this website (not recommended)" and I am greeted with the login page. I log in using an admin user on the box and I am able to see content and browse shared folders. Now this all works as intended except for two functions. When I select browse pictures, I sometimes get a red X instead of a picture thumbnail. This issue is insignificant though. My second issue is I am unable to remote to the server (Dashboard) or my other PCs (If I'm on the desktop i can't remote to the laptop. If I'm on the laptop I can't remote to my desktop). The error I get is "Your computer can't connect to the remote computer because the Remote Desktop Gateway server address requested and the certificate subject name do not match. Contact your network administrator for assistance".

post-67836-0-54866800-1317145976_thumb.j

Its important to note that the Remote Web Access works outside my network. I'm able to use my laptop at work, school, coffee shop, etc to connect and browse, remote, upload/download all day long with no issues. I can also access it from other peoples computer with no issue. Every function works just as advertised. Now if I could only figure out what is going wrong when I'm on my home network...

I did some general troubleshooting ; disabled firewall, checked router settings, released the domain name and recreated it. A forum mentioned routers not supporting loopback. I don't know what that is. I use a Netgear WNR1000 v2. I'm not sure if that's the case here but I'm hoping someone much smarter than I has seen an issue similar to this. Please help.

post-67836-0-54866800-1317145976_thumb.j

post-67836-0-50138500-1317145996_thumb.j

post-67836-0-47446000-1317146011_thumb.j

Share this post


Link to post
Share on other sites

Upgrade to a WGS Supporter Account to remove this ad.

Here is the issue the best I can describe it:

your homeserver.com web address is associated to your external ip address (provided by your ISP), but your router (that doesn't support loopbak I'm almost 100% sure), doesn't know what to do with requests that point it back to itself (that's loopback since your router is the device that holds your external IP address and is basically sending requests to itself), causing you to get browser errors. I would bet that is nearly 100% of the issues you are finding. Try to browse to your homeserver.com address from a computer outside your network and let us know if that works as normal.

1 person likes this

Share this post


Link to post
Share on other sites

I think adding your WHS to your host file on your internal PCs may solve the problem.

An entry such as; 192.168.1.80 WHSNAME

where the IP is the IP of you WHS server and WHSNAME is the name of your server.

The host file is located in Windows\system32\drivers\etc

You will need to have hidden files and folders unhidden to find it.

host does not have an extension to its name but can be edited with notepad.

Share this post


Link to post
Share on other sites

Thank you Cainmp and Ian for your replies.

Try to browse to your homeserver.com address from a computer outside your network and let us know if that works as normal.

I put in the original post that Remote Web Access works perfectly as intended outside my network. I'm able to log into it from work using a PC here and use all functions without issue. Only on my home network do I have this issue. I'm going to try a newer router when I get home as I think you are correct about the loopback.

I think adding your WHS to your host file on your internal PCs may solve the problem.

I tried this with my desktop but I may have entered the server name incorrectly. Instead of listing the actual name of the server in the host file I put the url (SERVERNAME.homeserver.com) which i know now wasn't correct.

Thanks again both of you. I'll try the host file first then the new router and let you know how it goes.

Share this post


Link to post
Share on other sites

Hi James,

no answer I'm afraid, just a confirmation that I get the same certificate error and editing the hosts file didn't make any difference. I know the pc is reading the hosts file as I entered the ip address incorrectly the first time and I then could not log on to the server at all.

nick

Share this post


Link to post
Share on other sites

The reason for the certificate error is because you changed the IP address after you got the certificate, which you got from MS when you subscribe for the domain name when you ran the Remote Access Wizard. You can tell your web browser to ignore the certificate error, as you know the server is trusted.

You would not include the url as you described above in your hosts file. You can put domain names with the correct IP address into your HOSTS file, but not in this situation. Let's say you have two computers on your network plus your server. They may be named PC1, PC2 & SERVER. If they all have static IP addresses you may wish to place all of them into the HOSTS file:

ie

192.168.1.100 SERVER

192.168.1.101 PC1

192.168.1.102 PC2

This is how networking was done along time ago. If you had 1500 systems on your network you had to have all 1500 systems included in your HOSTS file and the HOSTS file had to be installed on all network systems. This was a very difficult way to manage a large network. But on a home network, where you have a small number of systems it is possible to maintain your own HOSTS file. Most people will allow there router to act as the DHCP server and assign IP addresses for workstations, and then only assign static IP addresses to servers. This way you are sure the server is where it should be. the static IP also guarantees that when you try to access your server from the outside world, the data is forwarded to the correct node on your network.

Add your WHS to your HOSTS file. Here is some instructions to edit your HOSTS file....

You will need to add the IP address of your server and then the name of your server

Your server's name may be different then your domain name. To see what your server name is open windows explorer and locate your server under the network section. Or, RDP into your server and check your computer name there. You can find the computer name by right clicking on the computer icon and selecting properties.

It is not necessary to have the same domain name as the name of your server. Once you edit your HOSTS file, you should be able to type SERVERNAME in the address bar of your web browser and it will direct you straight to your remote web access page as you see when you are at work.

I hope this is of some help to you.

Good Luck....

Share this post


Link to post
Share on other sites

Perhaps you misread my post- but you have just said the same;

You will need to add the IP address of your server and then the name of your server

Hey ho.

Share this post


Link to post
Share on other sites

Update: I realized my screenshots disappeared from the original post. I've put them back.

Editing the host file didn't do any good. I confirmed that the host file change was saved and I am still getting the same error above (Error3). I removed the host file entry as a test and I was still able to get to the server by hostname. Modifying the host file was not neccessary.

The two major issuers persist. I want to use the Launchpad as microsoft intended. When I click on Remote Web Access, it wants to send me to https://SERVERNAME.homeserver.com but for some reason IE cannot display that page (Error1 above). Microsoft intended for this to work this way, putting the FQDN in and not just the host name of the box, so my setup must be wrong or it maybe my router. I was unable to aquire a different one so I'll have to wait to see if that is the issue to all of this.

The other issue is I'm still getting the error 3 from above when I attempt to remote to one of my computers from the web interface. The error mentions a "certificate". Is this the same certificate as error 2? How can i make that go away permanently? Can I fix the cert? Release it and get it renewed?

Thanks everyone for the help. I'm sure we'll help others from figuring this out together!

Share this post


Link to post
Share on other sites

James,

The reason you can not access your server via Remote Web Access is because you have the wrong name associated with your servers IP address in your HOSTS file. Until you either correct the entry for your server or comment out the line for your server you will get this error.

Share this post


Link to post
Share on other sites

Do you want me to help you?

Share this post


Link to post
Share on other sites

James,

The reason you can not access your server via Remote Web Access is because you have the wrong name associated with your servers IP address in your HOSTS file. Until you either correct the entry for your server or comment out the line for your server you will get this error.

Bobby,

Thank you for the replies but I don't' think you are fully reading the original post or the additional replies that users are leaving. Just to clear some things up, I COULD ALWAYS access the server by typing the name of the machine into IE. I didn't mention this in my original post but I did say that I was able to connect via IP address. I didn't have to edit the host file to do this. I get a certificate warning when I do this but I can click continue and it will bring me to the same logon screen I see when I'm out of my house. If I do log in, all the functions I've tested work except for one. I get an error when i try and click on one of the connected computers. Error3.jpg attached to the original post shows this.

Two things. I've got the connector software installed on my wife's laptop. I want her to be able to click on the Remote Web Access button on the Launcher and it bring her to the server logon page. I don't want her to have to use the IP address, server name, etc to access it. The less buttons pressed, the better for her. Right now this function is failing outright but no one has mentioned it. Error.jpg attached shows this.

Now I thought I mentioned this in the original post but I seemed to have left it out. If I click on Diagnose Connection Problems at this screen (Error.jpg) I get a diagnosis of "The remote Device or Resource won't accept the connection". Is this information helpful? I know not many people have homeservers or they haven't upgraded to 2011 yet but I can't be the only one with this problem. I'm going to modify my original post, including the suggestions/troubleshooting I've done that everyone has suggested and repost in the technet forums.

Share this post


Link to post
Share on other sites

Let me appologize for not fully comprehending your situation. When you said you could Remote in with the IP Address I knew your router was working ok on you LAN. This lead me to beleive you had a DNS issue. So, I hope I can help you better at this point.

I also got certificate errors, I beleive this happened to me because I changed the servers IP address after I setup my domain. So, for now let's disregard this issue by clicking on the continue option you see in the web browser. And, let's focus on getting your router to pass your request.

From what I can tell you modified you HOSTS file. If you put the server's IP address in the host file as:

192.168.1.100 MyServer.homeserver.com, please comment this out for now by putting a pound sign '#' at the beginning of the line. This will cause your computer to ignore the line until we remove the # sign later. If you did not modify the HOSTS file as I discribed here, you can disregard this paragraph.

Can you check your router to see if port 3389 is open and forwarded to your server? If it is not, let's try and forward port 3389 TCP and name it as RDP.

Try this and let me know what happens.

Share this post


Link to post
Share on other sites

Bobby, thank you again for your reply. No apology necessary. We're all trying to help each other here. Hopefully this post will help someone in the future with a similar issue.

Currently the host file for the system I've been testing with is unmodified. I removed the entry that I created so its back to its original state. I read your suggestion carefully and had a comment. I am currently able to RDP from any of my computers to the server or any other PC on my network. I've had no issue doing so. At this point I'm willing to try anything as long as I see that it isn't going to cause lasting damage and is easily reversible so I went along with your suggestion. I created a custom service on my router (RDP, TCP, 3389, 192.168.1.2). Clicked the Remote Web Access button on the launch pad and IE opened to "Internet Explorer cannot display the webpage" (error.jpg in OP). Entered the IP address of the server in the address bar, hit enter, and this brought me to the Certificate Error page (error2.jpg in OP). Clicked "continue to this website" and logged into the server. Since I was on my desktop I attempted to launch the remote Dashboard for the server. It failed and gave me the same error as before. (error3.jpg in OP) The issue still persists.

Thank you again everyone for your previous and future suggestions.

Share this post


Link to post
Share on other sites

OK,

Let's try something else. Don't change what we did in the last step. We are going to open a couple of additional ports. My WHS2011 book says that if you have a uPNP router, the Remote Access Wizard opens the following ports:

Port 443 (SSL) use TCP protocol

Port 4125 (RDP) use TCP protocol

Of course you want to forward this to your server's IP address.

The interesting thing about these ports are, my router does not have them open. But, I can use RWA from inside and outside my network.

THE FOLLOWING INSTRUCTIONS ARE FROM THE WNR1000 USER'S MANUAL, Let's try to open your NAT filter.

Configuring NAT Filtering

Network Address Translation (NAT) determines how the router processes inbound traffic. Secured

NAT provides a secured firewall to protect the computers on the LAN from attacks from the

Internet, but might prevent some Internet games, point-to-point applications, or multimedia

applications from functioning. Open NAT provides a much less secured firewall, but allows almost

all Internet applications to function. For more information about NAT, see “How Your Computer

Accesses a Remote Computer through Your Router” on page 5-2.

To change the NAT option:

1. In the NAT Filtering area, select either the Secured or the Open radio button.

2. Click Apply to save the new configuration.

Try one thing at a time so we can figure out what made this work....

Good Luck....

Share this post


Link to post
Share on other sites

Bobby,

Port 443 was already being forwarded by uPnP. I created another custom service for 4125. No luck. Same errors as before. Same issues.

I thank you again for plugging away.

Share this post


Link to post
Share on other sites

Did you open the NAT Filtering?

Share this post


Link to post
Share on other sites

Did you open the NAT Filtering?

Yes sorry. I didn't mention this because NAT was already set to open. I had some issues using a headset on xbox 360 so I changed the NAT settings some time ago.

Share this post


Link to post
Share on other sites

James,

I've been scratching my head on this one. So, I went back and read your posts again. In fact I read all the posts, and I noticed that cainmp mentioned that your router does not have the ability to perform loopback. And he suggests that this is the problem.

Do you have access to a different router that you could use for testing purposes? If you can barrow someone router, use the administration tools to backup their configuration. I use a Linksys WRT54GL with the latest version of Tomato firmware installed. The bad thing about this is it is only 54Mbps. Not sure what to tell you to consider as a choice for a router that will work. Maybe, you can ask for input in the hardware section.

Update your post so I know what the results are....

Share this post


Link to post
Share on other sites

Shame on me. I thought since I had a fairly new router that it couldn't be the issue. I was incorrect. Cainmp suggested it and the quote below shows that I considered it but never got around to testing it.

I'm going to try a newer router when I get home as I think you are correct about the loopback. .

I have a borrowed Linksys WRT150N running DD-WRT v24. I had to setup the port forwarding manually as WHS 2011 router setup wizard couldn't do it for me but after that it was like magic. I started the Launchpad on my computer, clicked on Remote Web Access, and it almost brought a tear to my eye. IE started, It showed https://SERVERNAME.homeserver.com in the address bar, and 5 seconds later it displayed the login page. I logged in no problem. Tested all the functionality of the server and all seemed to work. Tried to remote to the desktop from the laptop and volia, everything worked exactly like it should have. I can't thank everyone enough for your efforts on this. Now, I only have to find some custom firmware for my WNR1000 v2 or purchase a new router. Either way, issue solved and many thanks.

RESOLVED: Router was the issue (WNR1000 v2). Loopback not supported.

1 person likes this

Share this post


Link to post
Share on other sites

WOW....I bet you feel better....

If you buy a new router, consider one that is supported by one of the various Open Source Firmware upgrades available.

I looked for the "Tomato" firmware for your router and it is not supported at this time. According to documentation, they need a donor router to develope the firmware.

I run a DD-WRT Linksys and a Tomato Linksys. Personnally, I prefer the tomato firmware, but was unable to configure it as a bridge for my entertainment center. Hence the DD-WRT bridge. Occasionally, the DD-WRT router, in bridge mode, needs a reboot as it looses my network. But, the Tomato router is always rock solid and supports UPnP great.

Here is a link to Tomato compatable routers.

Share this post


Link to post
Share on other sites

I'm having the exact issue described here. I'm using a WRT-54GS with Tomato firmware that ties to another WRT-54GL running DD-WRT as the access point. So I wonder if Tomato has the same issue or if this is my router.

Bobby what are you running Tomato on? Does yours work?

Share this post


Link to post
Share on other sites

I'm running Tomato ver 1.28 on a WRT-54GL. It should not matter that you are using the wrt-54GS as your gateway. Once you installed the Tomato firmware, it's essentially the same as the 54GL. I think the only difference is the amount of NVRAM.

Check these settings:

Set Advanced>Firewall>NAT Loopback to 'all'.

Set Advanced>Routing>Mics>Mode to 'gateway'.

What is the WAN IP address on your Router? Is it a public or private IP address? If it's private then you will need to do something to forward the internet traffic to your router.

Share this post


Link to post
Share on other sites

You'll still get certificate errors when connecting from inside your LAN using your server's hostname or NAT'ed IP address because the server has two certificate stores: one is from GoDaddy that faces the Public Internet (created when one registers for the *.homeserver.com domain) and is what is used when accessing the server from the WAN, and the other is the self-signed certificate store based on the server's hostname (created during the install of the server). Unless you use the FQDN at every RDP, you'll continue to get certificate errors, router loopback or no.

It's just easier to use the FQDN name except in issues where Remote Access has been disabled, of course.

Share this post


Link to post
Share on other sites

Hey bobby, thanx.

Setting the Tomato Router Nat Loopack to All fixed the problem!

The default was Forward Only!

Share this post


Link to post
Share on other sites

Always good to hear success story....The two settings I mentioned seemed to be the only thing that would effect RWA. And The Gateway setting was not very likely, but it would not hurt anything.

Don't be a stranger, continue to check in here at WGS for the latest news on home server technology.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • By Musicman50
      Newbie here.
      Lights-Out installed correctly on my WHS2011 (Home Server 2011), but if I try to schedule a sleep mode, it says this option is not available.
      It will allow me to schedule a shutdown, but it does not actually work in my tests.
      I also checked from the Start Button and Sleep is grayed out only shut down is available.
      The computer/server is an eMachine running WHS2011 but formerly running Win 7 pro, and it would goto sleep mode on that OS.
      Is WHS2011 blocking this setting ?
      Thanks for anyone's help..
       
    • By TobyS123
      Hi all,
       
      Just a quick question. Does Windows Home Server 2011 still get security updates etc.? I know it's no longer supported by Microsoft, but am I right in thinking that it's based on Server 2008 R2, which is supported until 2020? Or has Microsoft completely stopped updates to WHS 2011?
       
       
    • By Davidha
      I am trying to support my church with an issue they have with their WHS 2011 system.  They have an HP desktop pc that was running under 8.1 and backing up fine to their WHS 2011 system.  A week ago, the admin must of accidently hit something to schedule an upgrade to Win 10.  As soon as that happened, the connector would no longer connect to the server.  I uninstalled the connector and tried reinstalling it.  Everything looks like it is working great until the very end and the status bar suddenly starts going backwards until an error comes up that says an error occurred and most of the installation has been deleted.  I have made sure all the updates on both the pc and server have been installed.  I have rebooted both machines.  I have tried a couple of the hotfixes suggested in different forums and I already have them on.  I have the same scenario at home where a machine updated and broke the connector.  I just had to uninstall and reinstall and everything was fine.  I tried copying the connector from my server to the machine at church and got the same results.  I also saw a post to try loading the 2012 server connector on the machine and then delete it...but that didn't help as well.  I am noticing that some of the services are not turning on.  I have turned on all the windows services on both machines, but still no luck.  Any ideas would be greatly appreciated.  I have spent about 6-7 hours on this issue!
    • By britgeezer
      I have 3 PC's  (2 W10 Pro and 1 W7) and a server running WHS 2011.
      All was well until I updated this PC to new W10 Pro install using an ASUS  Z07-Pro Gamer MB, all other components are the same.
      I had little trouble to install connector and dashboard started up and allowed this PC  to be added as a new user and it shows me as active under user.
      However, when I go to "computers and backup" this PC does not show up in the list of PC's that can be selected.
      I have tried uninstalling and reinstalling the connector several times, made sure I have no W10 updates pending, restarted the server all to no avail.
      If I try to run backup from Launchpad I get the message "backup is not setup for this computer".
      This has to be a simple error but its got me stumped - help please.
       
       
       
       
    • By Teetime
      I am using WHS 2011. I have two Windows 10 clients. The laptop was upgraded in place from Windows 7 to Windows 10 several months ago and LO works fine there. The desktop was upgraded in place from Windows 7 to Windows Windows 10 yesterday and I can't get its LO service to continue running. If I manually start it, everything looks fine but after several hours the service stops.
      Here are my observations that will hopefully help you determine what the problem is. With the service stopped I log into WHS 2011 and go to the LO Computers tab. For the Win10 desktop all of the items are grayed out. Back at the desktop, I right click the LO lightbulb and select About. It shows me connected to the home server. If I click the home server link it takes me to the Explorer view of the server's folders. Both client PCs are running 1.6.1.2408. What should I do to get LO working properly on this Wn 10 client?


Upgrade to a WGS Supporter Account to remove this ad.



  • Posts

    • I had no problem with Windows 10.  However, I just completed the anniversary update and now the "Connector" won't run to conclusion.  It backs itself out and reports an unspecified error.
    • Apologies if I'm being stupid, but I'm having great trouble understanding how Lightsout backup and the Server Essentials 2012 backup work together (or fight with each other). I find the Lightsout documentation on this very unclear, and various threads have left me no wiser. I'd appreciate some help! Here's the setup: Lightsout is running nicely on the server. Before backups were set up, I established that the server hibernated when the clients were switched off. The server woke up when a client was powered up. (This behaviour broke when backups were set up.) The server is Essentials 2012, with a number of client laptops: a mix of Windows 7, 8 & 10. The Essentials backup window is 22:00 - 07:00. No backup settings are currently made in Lightsout. Here's what I'd like to achieve: At the end of the working day all the clients are put to sleep or hibernate (or switched off completely, I don't care which). Ten minutes after that, Lightsout hibernates the server. Sometime during the night (22:00 - 07:00) the server wakes up, then wakes up the various clients in turn, backs them up, and puts them back to sleep / hibernate / shutdown (I don't care which). Here's what actually happens (when I look at the uptime chart the next morning): At the end of the day (about 17:15) the clients are put to sleep / hibernate. (I tell the team not to shut down their client laptops because I assume the server can't wake a completely shut down client - is that correct?) The server does not hibernate. Approximately 90 minutes after the clients were put to sleep / hibernate, they all wake up simultaneously (around 18:45, but I don't know why this happens). The clients then stay awake all night. Later, from 22:00, some of the backups take place (but not all of them). The backups are spread wide apart in the 22:00 - 07:00 window with lots of time when nothing is going on at all. The clients do not go back to sleep / hibernate after their backups. ...can anyone suggest what combination of settings I should be using to get the desired behaviour? Here are the sort of things that are confusing me, but I can't find definitive answers (and each experiment I do takes 24 hours to give any results!): I know I can specify clients' individual backup times in Lightsout, but I don't know how long a client's backup will take, so I could have backups overlapping each other and causing a traffic jam. Should I worry about this? If I set Lightsout backups, what do I set for the Essentails backup window? What if it's not long enough to get all the backups done? If I make settings in the Lightsout backup dialog do I have to complete everything in that dialog box? Does this make the Essentials 2012 backup settings redundant? What about the Essentials 22:00 - 07:00 backup window, does that matter any more? I tried setting client backup times in Lightsout with an end action of 'sleep'. The backups didn't happen at all and clients all spontaneously went to sleep in the middle of the working day (the server / clients clocks all match, I checked). Can Lightsout wake up a client laptop that is completely shut down? Thanks for reading this long post and sorry if these seem like stupid questions. I already have WHS2011 / Lightsout running perfectly on another setup (where my backups take place during the day), but nocturnal backups are a new level of complexity for me!
    • Christopher wrote:  << And to clarify, if you want multiple backup drives to be cycled offsite, you MUST connect all of them at the same time when you set up the backups. >> I'm not clear about this. To the best of my recollection, I never connected both of my backup drives to the server at the same time,  For test purposes, I just initiated a recovery (using the WHS Installation Disk) with each of them hooked up.  The one that has been offsite and the one that backed up last night were both found by the "Repair an existing installation" procedure.  Perhaps I'm misreading your clarification.
    • Please check if task scheduler is still working. If not use this tool here https://repairtasks.codeplex.com/ If that does not help you may try to reinstall WHS Connector.
    • My WHS v1 (home build) starting misbehaving and finally needed a new system disk.
      After lots of threads, trial and errors, AF and non-AF drives, and lack of the Server Reinstallation choice it has finally progressed.
      Weeks of frustration. My recent attempts proceeded well but all ended up without the rebuilding of the Storage Pool (6 drives).
      The drives are detected and show up as "not added" in Server Storage and as "non managed" in Disk Management.
      There is no C:\fs on the SYS volume.
      It appears that the RebuildPrimary stage of the reinstallation, mentioned by some posters, was not successful. Has anyone found a way to force the rebuilding of the Storage Pool on reinstallation?
      I have tried X: Files v1.5.5 and the original Microsoft Disk with the same outcome. [My next step will be to migrate the "shares" and "folders" manually - it would have be quicker to have done this initially.]
       
  • Popular Contributors