[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 981
  • Last Modified:

How can I connect using VNC to my internal servers via Windows 2008 Terminal Service Gateway Server

Hi,
I was told by Microsoft that Windows 2008 Terminal Services Gateway Server and TS Web Access would allow me to utilize an application on the TS Server. So, I'm trying to achieve the following:
1. Access TS Web via TS Gateway Server through port 443 only. (This I was able to achieve)
2. Run VNC Viewer off TS Web Access which I can then use to connect to my application servers (Which I have not been able to achieve).
So, million dollar question - is this possible? I have been able to RDP through 443 via my TS Gateway Server so I know that works but how would I be able to use VNC from TS Web Access to connect to my internal servers. And the catch is that only port 443 is allow to the gateway server.

Any response will be much appreciated.

Thank you in advance.

regards,

Ricky Chong
0
pepelepew8
Asked:
pepelepew8
1 Solution
 
Jeff BrownGlobal Helpdesk SupervisorCommented:
if i am reading this correctly. the following is true

externally port 443 forwards to TS
internally on that network tho what ports are available?
if only 443 is available on the internal network then this is not possible as vnc and RDP TS cannot be using the same ports on the same adaptor.

Ususally when i am setting up something like this i configure this way

one gateway server with 2 ethernet cards
card 1 faces the internet heavily firewalled with 443 open to TS RDP but no local traffic is allowed
card 2 faces Local or VPN trafic and is trusted with more ports open but has no routing to the internet
card 2 is selected for vnc traffic on its ports which can be set to anything using the vnc server and client settings.  I probably wouldn't use 443 even tho its on the second nic tho just adds confusion.

--wild
0
 
pepelepew8Author Commented:
Hi,

Sorry for the late reply. Actually I could do it. And it seems to be working fine. I guess how the technology works is connectivity to internet based users will be directed to the Terminal Service Gateway Server which will then proxy to port 3389 to the Terminal Service Server when accessing the applications.

All I needed was to get my certificates working properly and it was quite easy to do. :)
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now