We help IT Professionals succeed at work.

How to configure Remote Web Workplace on SBS 2003 with ISA 2000 ...

961 Views
Last Modified: 2013-11-21
Hi,

I need to establishe remote access to a Terminal Server beyond the firewall of a SmallBusiness Server 2003 with ISA 2000. What do I need to do to gain access to this Terminal Server going through the Small Business Server as a firewall/proxy....

TIA
Tom
Comment
Watch Question

Philip ElderTechnical Architect - HA/Compute/Storage
CERTIFIED EXPERT

Commented:
Step 1:
The RWW: http://blogs.technet.com/sbs/archive/2006/07/25/443383.aspx
 and
http://blogs.technet.com/sbs/archive/2006/11/03/remote-web-workplace-rww-part-ii-controlling-portal-access.aspx

You need an URL to point to the static IP on your SBS server's external facing NIC (bound to ISA).
Eg: remote.mydomain.com
Required: DNS A Record remote.mydomain.com
 pointing to my SBS IP: 99.99.99.125
Once you have the DNS settings at your ISP done and pointing to your server, rerun the CEICW and assign the remote.mydomain.com URL as the Internet URL.
Once the CEICW is finished, remote into another machine outside the SBS network if you are not already outside, and open IE and URL: https://remote.mydomain.com/remote and you will be greeted with the RWW logon page.
Standard username and password to access the SBS network from there ... that means make sure that your usernames are formatted FirstLast and you have a good password/passphrase policy in place: Th1s is my p@ssword! (excellent)

Suggestion:
Purchase an SSL certificate from a provider that is set to the above remote.mydomain.com URL/common name and install it. That eliminates some of the SBS self-issued certificate hiccups that one runs into for OWA, Windows Mobile, and RDC on Vista.

Philip

Author

Commented:
I am missing something here:
consider my external IP is 202.12.11.55. -> SBS external   = mydomain.com.au
SBS is on: 10.0.0.2 (internal)
TS is on 10.0.0.3  ( internal)
How will the system know that it has to deal with TS and NOT SBS?
Philip ElderTechnical Architect - HA/Compute/Storage
CERTIFIED EXPERT

Commented:
Okay.
So, given your example, we have the following at your ISP:
DNS A Record: rww.mydomain.com.au
Points to: 202.12.11.55
Once that is in place, rerun CEICW to set the rww.mydomain.com.au in place as the RWW URL.
Setup your certificate if you are going 3rd party.
Users open IE and type: https://rww.mydomain.com.au/remote and receive the blue RWW logon page.
They logon and receive the following portal page the RWW Portal (shown below).
In that list they would see the "Connect to my company's Application Server".
They click on that link and SBS takes care of the proxy setup to establish the RDC session.
Philip

08-07-07-RWW-Jump-Page.JPG

Author

Commented:
Thanks for the above. Is this available in R1 of SBS?
Technical Architect - HA/Compute/Storage
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Philip ElderTechnical Architect - HA/Compute/Storage
CERTIFIED EXPERT

Commented:
BTW,
Did you get your hands on the SBS SP1 media prior to their being dropped last December? They include the ISA 2004 update.
If you are looking at upgrading, I highly suggest going with SBS 2003 R2 Premium on Open Value 3 year spread payment agreement. Then there will be a guarantee that MS will cover the setup with an ISA configuration ... yet to be confirmed as far as the how.
Philip
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.