IPSec Win2K server with VPN Terminal services
Posted on 2003-11-01
I am preparing a server for co-location. It is a Win2k server with SQL 2000. All service packs are installed.
What I would like to do is use TS (Admin Mode) through a VPN connection ONLY and block it to the outside world. VPN & RDP are working now, but the port is open. I have tried to block the port, but even with a VPN connection it will not allow an RDP connection if the port is "blocked".
I have taken a lot of security steps (MS Baseline Security & SQL C2) to try to enhance security. This is a stand-alone server.
There is one network card installed and I have an IPSEC policy to allow 80,443,20/21 in and out. I have blocked all other traffic.
I have tried applying a Permit action to "remote" connections.
The answer should contain steps to allow a Terminal Services RDP connection via VPN while blocking port 3389 to external traffic.