[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Allow RDP to tunnel from internal to external network through ISA 2006 proxy server?

Posted on 2008-06-17
6
Medium Priority
?
879 Views
Last Modified: 2013-11-21
I have an ISA 2006 proxy server which internal users must go through to gain access to external/ internet resources. Since I implemented the server, internal users are unable to connect to RDP via web connections to external servers. I have modified the rule for internet access to allow the RDP protocol but this hasn't resolved it.

Looking further into it I understand that when you connect to a web RDP server, it simply downloads the ActiveX Terminal Services client and then tries to connect you as standard via 3389 to the server. I think this is where my trouble lies as by default the client machine will only direct port 21, 80 & 443 traffic to the ISA server. THis being the case, the 3389 connection is attempted directly from the client machine and hence, fails as the client machine has no direct internet access.

Is there any way I can get the RDP connection out through the proxy server? Or is there no other way than to bypass the proxy server for this whole process?

Feel free to ask me any more questions, thanks for your time!
0
Comment
Question by:bermyman
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:Nyah247
ID: 21815689
Setup a live monitoring session for a single test workstation on ISA and attempt to access your RDP site.  What does the monitor say is being denied?  
0
 

Author Comment

by:bermyman
ID: 21815849
I setup live monitoring to check. I see the connections being made initially up to the point where it gets to the activex terminal services client. It's at this point that it'll begin using the TS client, which the proxy will have no record of as it's straight out port 3389.

So all live monitoring sees is the connections up to the point where the active-x control comes down. The client machine makes a separate connection to the TS server from here on - which is completely unbeknownst to the proxy as the client machine will only send ports 80,443 and 21 to the proxy.

The more I think about this the more I'm becoming convinced it's impossible. Thanks for helping though!
0
 

Author Comment

by:bermyman
ID: 21857384
Just for anyone else looking for the same solution, I think it's probably impossible to encapsulate any RDP still through 80 or 443 and telling client machines to proxy 3389 also appears impossible. The more I think about it the more i'm convinced that perhaps my expectations of the proxy server being an all singing and dancing gateway for all users were misguided. It handles the majority of web traffic fine but any FTP or RDP stuff needs to be punched through the firewall directly.

Unless anyone else has any ideas? I'll leave the question open just in case...
0
 
LVL 6

Accepted Solution

by:
Nyah247 earned 2000 total points
ID: 21904059
This article may be worth a look-see:  http://www.isaserver.org/articles/2004pubts.html  Note...there is now a product made by Collective Software called ClearTunnel which will allow ISA to analyze SSL content.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…
How to fix display issue, screen flickering issue when I plug in power cord to the machine. Before I start explaining the solution lets check out once the issue how it looks like after I connect the power cord. most of you also have faced this…
Suggested Courses

608 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question