Steve Samson
asked on
Terminal services on windows 2003 Enterprise
The Problem is as follows:
I created a new windows server 2003 Enterprise server domain controller
the server has 2 nics
one is configured for intranet the other connects to my router. My router points the 3389 port to the server, how ever the server doesn't pickup the terminal services request. what neds to be configured on windows server 2003 for the RDP to work via the internet side nic, note the intranet side rdp works just fine.
Help!
I created a new windows server 2003 Enterprise server domain controller
the server has 2 nics
one is configured for intranet the other connects to my router. My router points the 3389 port to the server, how ever the server doesn't pickup the terminal services request. what neds to be configured on windows server 2003 for the RDP to work via the internet side nic, note the intranet side rdp works just fine.
Help!
NOTE: And a MAJOR one at That. Unless you're using something ISA server on the DC, it's hugely bad practice to:
1. Expose your DC to the internet
2. Multihome a domain controller
This does seem to be a common example in SBS based installations with the remote workplace function. I cringe at this concept, but if using ISA server firewall, it's not sooo bad.
Another thought, typically when multihoming a DC, you have to try to make sure that services are only bound to ONE of the interfaces. Otherwise, it'll list the outside interface potentially for many services, including A records, and the outside interface generally isn't reachable by your inside clients. The most problematic of this is the A record for the DC, and the A record(SAME AS PARENT) for the domain. When a client queries for your domain A record, such as mycompany.local, it'll get two results, one of which is not reachable--bottom line, causing a 50% failure rate on initial lookups. Same goes if you attempt to connect to the DOMAIN's NETLOGON/SYSVOL share instead of a specific DC's netlogon/sysvol share.
1. Expose your DC to the internet
2. Multihome a domain controller
This does seem to be a common example in SBS based installations with the remote workplace function. I cringe at this concept, but if using ISA server firewall, it's not sooo bad.
Another thought, typically when multihoming a DC, you have to try to make sure that services are only bound to ONE of the interfaces. Otherwise, it'll list the outside interface potentially for many services, including A records, and the outside interface generally isn't reachable by your inside clients. The most problematic of this is the A record for the DC, and the A record(SAME AS PARENT) for the domain. When a client queries for your domain A record, such as mycompany.local, it'll get two results, one of which is not reachable--bottom line, causing a 50% failure rate on initial lookups. Same goes if you attempt to connect to the DOMAIN's NETLOGON/SYSVOL share instead of a specific DC's netlogon/sysvol share.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I hope that server 2008 is easyer to work with.
You are not able to remote in from the internet side because your firewall is blocking incoming internet traffic. You need to create an exception for 3389 in your firewall and allow internet sources. Your firewall will let local traffic through by default which is why you have intranet access. Are you using Windows Firewall?