Link to home
Start Free TrialLog in
Avatar of benjilafouine
benjilafouine

asked on

Terminal server listening on two ports

Hi,

Is there a way to have a Windows 2008 Server listening on two different ports at once for Terminal Server connections. I have clients that must connect from different locations except that one of them is behind a firewall that blocks port 3389 outgoing.

I could change the listening port to something else than 3389 but I would still like to keep listening on the default port (less trouble). And once I have this done (if feasible), how do I set the outgoing client to connect on a different port?

Any suggestions for me to workaround this problem?

Thanks.
Avatar of tigermatt
tigermatt
Flag of United Kingdom of Great Britain and Northern Ireland image


I'm not aware of a way to have a Terminal Server listen on two ports. However, I do have a possible solution for you:

If your firewall has the ability for you to create custom firewall rules, create a new custom one called 'Terminal Server Custom Port'. Set its External Port to something other than 3389 so the remote connections work, but set the port it maps to Internally to 3389. Then, assign this firewall rule and have it set to forward to the Terminal Server's IP.

By doing this, inbound requests on port, say 3390, will be received by the firewall, but passed on to the Terminal Server on port 3389 - the standard port - and things will work as normal. This also means you can keep the current port 3389 rule and have other users connect directly on that.

It has worked for me. Good luck.

-Matt
Avatar of benjilafouine
benjilafouine

ASKER

I could do that but if I'm right, I would have to instruct my other clients to use IP address xxx.xxx.xxx.xxx:3390 to connect to my server, right? This is what I want to avoid.

My router/firewall does cannot make any other rule than port forwarding or port range forwarding.

Benji.
Benji,

So your router does not enable you to create a custom rule? Most routers let you add in your own Custom Port Forward rules, where you then map an 'external' port to an 'internal' port. I've seen very few which don't have this feature.

If you can use this, it means the Terminal Server stays listening on port 3389. The router then does the mapping, so it takes incoming requests on port 3390 and sends them to port 3389 on the Terminal Server.

You can add another rule (giving you two rules) - the usual port 3389 terminal services rule - which would enable all the users for whom 3389 is not blocked to still connect without specifying a different port in their connection string.

-Matt
ASKER CERTIFIED SOLUTION
Avatar of Amirchoupani
Amirchoupani
Flag of Iran, Islamic Republic of image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
This was well worth the small amount I'm paying per month for this service. I knew I could count on someone at Experts Exchange for a quick answer.  Solved on Windows 2008 (but don't forget to open a port manually on the Windows 2008 built-in firewall). And thanks.