Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

IIS - web remote connection authentication problem

Posted on 2004-09-01
1
255 Views
Last Modified: 2012-05-05
 I have 2 servers both Windows Server 2003. One has IIS on it and has the web remote desktop client on it and has an external IP. The other is a terminal server and allows terminal server access. In front of both of these we have a linux firewall.
  We have allowed access just to the IIS server through the firewall by letting anybody access port 80 on the IIS server and i can access the remote web client on http://<ipaddress>/tsweb absolutely fine!! The problem comes when trying to access the terminal server through the IIS web remote desktop. It cant connect to it!!
  I have put trace on the linux firewall to find out why and i know whats happening but i dont know why!!! It seems that all IIS does it gives the external browser the info to make a terminal services connection itself.
  This means we had to "punch" another hole for the same address through the firewall to the terminal server!! Is there any way that we can not do this and make the IIS server make the connection straight to the terminal server not having to open the firwall up for the termianl server? At the moment in the firewall we allow tcp to port 3389 and allow ICMP to both local and external adresses of the terminal server. With these rules it accesses the terminal server fine through the IIS web connection client. BUT ideally id like to not have any ports open for this authentication and let the IIS web connection client authenticate locally. Is this possible??
0
Comment
Question by:How_Di
1 Comment
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 90 total points
ID: 11959487
This is not possible.

The Terminal Server Advanced Client (TSAC) Web edition is nothing more than a page that loads an ActiveX object into your browser and gives you a handy interface for telling it what to do.

Basicaly they took the functionality of the Remote Desktop client and wrapped it up in an ActiveX package that runs in your browser.  Your browser then works as an RDP client and connects *from your machine* to whereever you specified on the web page.  All the page does is feeds the entries to the ActiveX object so it knows where to connect.

For the connection to run from the IIS server you would have to have either a server side version of the ActiveX client (doesn't exist) or set up some sort of proxy on the web server to bouce the request from the client to the other server internally (option of using ISA server for this).

In simple terms this is the way it is designed to work and it will be a boatload of customer coding and configuration to make it work any other way.

Dave Dietz
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question