Solved

Connect to Terminal Server behind ISA Firewall with private IP

Posted on 2002-07-09
6
317 Views
Last Modified: 2010-04-13
I have a problem connecting to a Windows 2000 Terminal Server in Admin mode.  This server is behind an ISA 2000 firewall server.  The server is configured with a static private IP address (i.e. 192.168.0.200).

On my LAN, I can connect fine because I’m on the same private IP address subnet.  However, I cannot figure out how to connect to this terminal server over the Internet because of the private IP address problem.  

Is there any way I can make this connection possible without resorting to assigning my Terminal server with a public IP?  The port number 3389 is open on the ISA server for terminal services.  

Just a thought; can I somehow map the terminal server’s private IP to a public IP address on the ISA and route any connection to this public IP to the terminal server?  Can this be done with RAS routing feature?

I also tried pcAnywhere 10.5 and ran into the same problem.

Thanks for any tips.
0
Comment
Question by:speedway
  • 2
  • 2
  • 2
6 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 7141003
Yes you should be able.
For PC anywhere

pcAnywhere uses either of two sets of ports depending on the version of pcAnywhere you are using. One   set uses ports 65301 and 22. The second set uses the registered ports 5631 and 5632.

               2.0 tcp 65301 udp 22
               7.0 tcp 65301 udp 22
               7.50 tcp 65301 udp 22
               7.51 tcp 65301 udp 22
               CE tcp 65301 udp 22
               7.52 tcp 5631 udp 5632
               8.x tcp 5631 udp 5632
               9.0 tcp 5631 udp 5632
               9.2 tcp 5631 udp 5632

How to change the IP ports that pcAnywhere 10 uses

                   Situation:
 Some firewalls allow only a single pcAnywhere host to use an IP port. Additional pcAnywhere hosts  behind that firewall must use different ports. You want to know how to change these ports.
                  Situation:
 Some firewalls allow only a single pcAnywhere host to use an IP port. Additional pcAnywhere hosts  behind that firewall must use different ports. You want to know how to change these ports.
http://service1.symantec.com/SUPPORT/pca.nsf/docid/2001021417112312?OpenDocument
How to use pcAnywhere with a Cable or ADSL Modem
How to use pcAnywhere with a Dynamic IP Address or Domain Name Service
http://service1.symantec.com/SUPPORT/pca.nsf/docid/2001041616061412?OpenDocument
pcAnywhere and Network Address Translation
http://service1.symantec.com/SUPPORT/pca.nsf/e1aefd06d28fcec6852569e5004cef32/c22361b63e2f7bfe88256766006136e6?OpenDocument

I hope this helps !
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 7141007
ALso

http://service4.symantec.com/SUPPORT/pca.nsf/e1aefd06d28fcec6852569e5004cef32/e8421bce325eb66485256b3000697314?OpenDocument

Similarly , you should be able to get TS working.

I would check the MS site for specific info.

I hope this helps !
 
0
 
LVL 1

Expert Comment

by:Gabe_Rivera
ID: 7141071
Hey Speedway, I had this same problem. Check this out, I think it should be what you're looking for..

http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q275210
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 1

Accepted Solution

by:
Gabe_Rivera earned 200 total points
ID: 7141110
Whoops, forgot to put this article on there too.

http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q294720
0
 

Author Comment

by:speedway
ID: 7141660
Thank you, Gabe.  That article contained exactly what I was looking for.  I knew I had to map the external IP on the ISA server to the internal IP on the terminal server.  Just didn’t know how to do it in the ISA console.  I actually searched Microsoft’s knowledge base all over the place.  Don’t know how I missed it.  Guess just didn’t type the right words.  Thanks a million.  Well, actually, 200 points.

SysExpert, thanks for the Symantec links.  I had already read all those information when I was trying to get pcAnywhere to work.  I knew about the ports issue.  Your second message would work if I was trying to install pcAnywhere on the ISA server.  Actually, that would be easy since the ISA server has public IP address.  I already have terminal services working on the ISA server.

Now I have another problem.  I tried to create a new Server Publishing Rule in the ISA manage MMC.  On the second screen, it asked me for the internal address of the internal server and external address on the ISA server.  I entered the internal address without problem.  However, I could not enter in or find the external address from the ISA server.  I clicked the browse button and there was nothing (no IP listed in the browse box).  How could that be?  I have 6 public IPs assigned to the external network adaptor with 3 of them free.  At the very least 1 IP should show up since I know the ISA server is working fine at routing internet services for our LAN.  Is this a bug or am I missing something?
0
 

Author Comment

by:speedway
ID: 7142025
Solved my problem.  I needed to reboot in order for the public IP I just added to the external adaptor to show up in the server publishing wizard.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Registry Error Stop 0X0000051 3 2,824
VSS on host & VM 10 414
301 redirects on a non-existent site (the site was deleted) 1 307
reboot server with scheduled time and week base 4 32
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Starting your own business is always a daunting process, and for most people it is brand new experience. Avoid the common pitfalls by following these tips to start on the road to success.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question