Solved

Windows 2008 RDS Gateway Server - IIIS - Security

Posted on 2010-09-08
4
507 Views
Last Modified: 2012-05-10
Hello

I have enabled TS Gatewaye on my server. Clients can RDP to from outside and authenicate against the server.

I have noticed that is if i type in the name of the server in a URL http://ts.domain.com then i get the default IIS page. Is there away to stop that I see this as secuirty hole.

I tried the server http redirect option redirecting to https://ts.domain.com/ts but this breaks the authenication.

Any ideas on how to make the Gateway more secure while still allowing it authenicate.

thank you

john
0
Comment
Question by:escadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 3

Accepted Solution

by:
SangramGohil earned 250 total points
ID: 33644552
Hi,

Use URL rewrite in IIS7

i think it will not break authentication also

http://www.iis.net/download/urlrewrite

give it a try.

formula could be like
Requested URL : Matches the pattern
Using: Regular Expression
Pattern :(.*)

Logical Group

Condition : {HTTPS}
Matches the pattern
OFF$

Action Type :Redirect

Redirect URL: https://{http_host)/ts

give it a try in test lab first
0
 

Author Comment

by:escadmin
ID: 33650955
Will look at the application this weekend. I need to find what exactly RDS Gateway is conencting to on the inside.

John
 
0
 

Author Comment

by:escadmin
ID: 33827171
The problem is i cannot redirect it. Last week I had someone scan my server. Nothing uploaded etc. I wish MS would have something about locking down the Terminal server gateway. I award you the points as no one else responded.
0
 

Author Closing Comment

by:escadmin
ID: 33827176
No answers to locking down the server.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question