Improve company productivity with a Business Account.Sign Up

x
?
Solved

Restrict Terminal Services to particular IPs in SBS 2003

Posted on 2010-11-20
7
Medium Priority
?
666 Views
Last Modified: 2012-05-10
Hi all,

Yes, I know ... we do this through the Firewall ... but my firewall is not running because another program is running that might be using the NAT component (Ipnat.sys).

I read a bit, and tis happens if ISA is used, not our case, or if RAS is used. We use remove connections to allow VPN Users into the server using a range of IPs.

Is there a way to have it all, RAS and Windows firewall running so that I can limit TS to few IPs?

Thanks in advanced.
0
Comment
Question by:phermi
7 Comments
 

Author Comment

by:phermi
ID: 34182898
The_Dark1: Thanks, but not really.

What we have here is brutal-force attacks from folks in Europe trying o guess the Administrator password while programmatically attempting to connect using RDC.

The system is slowed down to the point of crawling and the logs are full of account locking issues.

All I wanted was to be able to set rules in the firewall so only certain IPs will be accepted for RDC connection.

Plan B will be to change the RDP listening port
0
 
LVL 4

Accepted Solution

by:
The_Dark1 earned 800 total points
ID: 34182907
What type of Firewall are you using?

My thought process would be to terminate the VPN's are the firewall level. And then allowing access to RDP From that point through... This way you protect your LAN.

I am referring to your modem/router as they have Firewall's in them too...
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
LVL 37

Assisted Solution

by:bbao
bbao earned 600 total points
ID: 34183365
> All I wanted was to be able to set rules in the firewall so only certain IPs will be accepted for RDC connection

normally you should set rules on the firewall and it seems you have known how to set the rules there??

however, on TS server you may also instantly restrict a specific IP or group of IPs by changing the routing table like this:

ROUTE ADD 1.2.3.4 mask 255.255.255.255 192.168.1.222 metric 1
ROUTE ADD 2.3.4.0 mask 255.255.255.0 192.168.1.222 metric 1

where 1.2.3.4 and 2.3.4.0/24 are the IPs to be banned, and 192.168.1.222 is an IP not existing on TS' local subnet (assume it is 192.168.1.0).

hope it helps,
bbao
0
 

Author Comment

by:phermi
ID: 34184839
The_Dark1: this is hosted server and ys there is a firewall (Cisco PIX 515R ) in front of it, but it is  not VPN capable.
0
 
LVL 15

Assisted Solution

by:greg ward
greg ward earned 600 total points
ID: 34191611
access-list from-outside-coming-in deny ip 123.0.0.0 0.255.255.255 any eq <tsportnumber>
access-list from-outside-coming-in permit ip any any

the above would block the range 123.*.*.* using the port <tsportnumber>

from
http://www.netcraftsmen.net/resources/archived-articles/372.html

Greg
0
 

Author Comment

by:phermi
ID: 34303203
I apologize for the huge delay ....

I do not have access to change anyhting in the PIX and honestly, I was hopping for an easy way to say "do not accept TS request excpt from XX.yy.zz.ww.

I appreciate your efforts and I will assign points to both of you, not because I can fix my problem based on your suggestions, but for the fact that you did care about it,
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Let us take a look at the scenario, you have a database that is corrupt and you run the ESEUTIL command only to find you are unable to repair it. How do you now get the data back?
Free Data Recovery software is an advanced solution from Kernel Tools to recover data and files such as documents, emails, database, media and pictures, etc. It supports recovery from physical & logical drive after a hard disk crash, accidental/inte…
When you have multiple client accounts to manage, it often feels like there aren’t enough hours in the day. With too many applications to juggle, you can’t focus on your clients, much less your growing to-do list. But that doesn’t have to be the cas…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question