Solved

Windows 2008 RDS Gateway Server - IIIS - Security

Posted on 2010-09-08
4
488 Views
Last Modified: 2012-05-10
Hello

I have enabled TS Gatewaye on my server. Clients can RDP to from outside and authenicate against the server.

I have noticed that is if i type in the name of the server in a URL http://ts.domain.com then i get the default IIS page. Is there away to stop that I see this as secuirty hole.

I tried the server http redirect option redirecting to https://ts.domain.com/ts but this breaks the authenication.

Any ideas on how to make the Gateway more secure while still allowing it authenicate.

thank you

john
0
Comment
Question by:escadmin
  • 3
4 Comments
 
LVL 3

Accepted Solution

by:
SangramGohil earned 250 total points
ID: 33644552
Hi,

Use URL rewrite in IIS7

i think it will not break authentication also

http://www.iis.net/download/urlrewrite

give it a try.

formula could be like
Requested URL : Matches the pattern
Using: Regular Expression
Pattern :(.*)

Logical Group

Condition : {HTTPS}
Matches the pattern
OFF$

Action Type :Redirect

Redirect URL: https://{http_host)/ts

give it a try in test lab first
0
 

Author Comment

by:escadmin
ID: 33650955
Will look at the application this weekend. I need to find what exactly RDS Gateway is conencting to on the inside.

John
 
0
 

Author Comment

by:escadmin
ID: 33827171
The problem is i cannot redirect it. Last week I had someone scan my server. Nothing uploaded etc. I wish MS would have something about locking down the Terminal server gateway. I award you the points as no one else responded.
0
 

Author Closing Comment

by:escadmin
ID: 33827176
No answers to locking down the server.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now