Solved

IIS - web remote connection authentication problem

Posted on 2004-09-01
1
256 Views
Last Modified: 2012-05-05
 I have 2 servers both Windows Server 2003. One has IIS on it and has the web remote desktop client on it and has an external IP. The other is a terminal server and allows terminal server access. In front of both of these we have a linux firewall.
  We have allowed access just to the IIS server through the firewall by letting anybody access port 80 on the IIS server and i can access the remote web client on http://<ipaddress>/tsweb absolutely fine!! The problem comes when trying to access the terminal server through the IIS web remote desktop. It cant connect to it!!
  I have put trace on the linux firewall to find out why and i know whats happening but i dont know why!!! It seems that all IIS does it gives the external browser the info to make a terminal services connection itself.
  This means we had to "punch" another hole for the same address through the firewall to the terminal server!! Is there any way that we can not do this and make the IIS server make the connection straight to the terminal server not having to open the firwall up for the termianl server? At the moment in the firewall we allow tcp to port 3389 and allow ICMP to both local and external adresses of the terminal server. With these rules it accesses the terminal server fine through the IIS web connection client. BUT ideally id like to not have any ports open for this authentication and let the IIS web connection client authenticate locally. Is this possible??
0
Comment
Question by:How_Di
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 90 total points
ID: 11959487
This is not possible.

The Terminal Server Advanced Client (TSAC) Web edition is nothing more than a page that loads an ActiveX object into your browser and gives you a handy interface for telling it what to do.

Basicaly they took the functionality of the Remote Desktop client and wrapped it up in an ActiveX package that runs in your browser.  Your browser then works as an RDP client and connects *from your machine* to whereever you specified on the web page.  All the page does is feeds the entries to the ActiveX object so it knows where to connect.

For the connection to run from the IIS server you would have to have either a server side version of the ActiveX client (doesn't exist) or set up some sort of proxy on the web server to bouce the request from the client to the other server internally (option of using ISA server for this).

In simple terms this is the way it is designed to work and it will be a boatload of customer coding and configuration to make it work any other way.

Dave Dietz
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to virtualize old server? (2003) 7 135
Trust relationship SBS2011 - > Windows 2003 3 49
server DNS address could not be found 22 301
Time server on domain 3 24
Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question