Windows 2008 RDS Gateway Server - IIIS - Security

Hello

I have enabled TS Gatewaye on my server. Clients can RDP to from outside and authenicate against the server.

I have noticed that is if i type in the name of the server in a URL http://ts.domain.com then i get the default IIS page. Is there away to stop that I see this as secuirty hole.

I tried the server http redirect option redirecting to https://ts.domain.com/ts but this breaks the authenication.

Any ideas on how to make the Gateway more secure while still allowing it authenicate.

thank you

john
escadminAsked:
Who is Participating?
 
SangramGohilCommented:
Hi,

Use URL rewrite in IIS7

i think it will not break authentication also

http://www.iis.net/download/urlrewrite

give it a try.

formula could be like
Requested URL : Matches the pattern
Using: Regular Expression
Pattern :(.*)

Logical Group

Condition : {HTTPS}
Matches the pattern
OFF$

Action Type :Redirect

Redirect URL: https://{http_host)/ts

give it a try in test lab first
0
 
escadminAuthor Commented:
Will look at the application this weekend. I need to find what exactly RDS Gateway is conencting to on the inside.

John
 
0
 
escadminAuthor Commented:
The problem is i cannot redirect it. Last week I had someone scan my server. Nothing uploaded etc. I wish MS would have something about locking down the Terminal server gateway. I award you the points as no one else responded.
0
 
escadminAuthor Commented:
No answers to locking down the server.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.