server 2008 and TSWEB access and making it secure

Hi there,
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases.  They simply go to 'http://server.domainname.com' and logon and work.  Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625.  I further found that anybody can directly remote into the server via external IP.  
Does remote desktop and TSWebaccess go hand in hand?  How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
LVL 5
amanzoorNetwork infrastructure AdminAsked:
Who is Participating?
 
Glen KnightConnect With a Mentor Commented:
>>Does remote desktop and TSWebaccess
Yes and no.  There is the gateway service that uses port 443 rather than 3389, but then this would connect to the Remote Desktop Services via 3389 on behalf of the client.

Sadly, unless all of your clients connect from specific IP addresses there is no way to block which IP's connect because your users could connect from random IP addresses.
0
 
amanzoorNetwork infrastructure AdminAuthor Commented:
THanks Demazter:
Please tell me one thing, once the user type in http://server.mydomain.com, the very first window pops in which is windows security which asks for username and password (which program is sending in this window?  Is it IIS or something else?)  secondly once the user logs in via this window the user sees my TS Web ACCESS page with applications on it, once the user clicks on once of the apps another windows pops up asking for username and pass(this time is it the terminal server asking for authentication? or IIS?
0
 
Darius GhassemCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0
All Courses

From novice to tech pro — start learning today.