• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 412
  • Last Modified:

CoRD client over SBS 2008 network.

Hi,

I can connect to a remote desktop session with either Microsoft RDP client for MAC or CoRD.  However, I can only seem to connect to the server.  Is there a conditional command when connecting that will allow a connection to a specfic computer on the SBS network behind the firewall?

Thank You
0
Eugene_Palmer
Asked:
Eugene_Palmer
  • 4
  • 4
1 Solution
 
junior15Commented:
There isn't any special command to RDP through one computer to reach another. I'm assuming the server you can connect to is acting as a firewall between you and the computers you would like to connect to. Are you connecting to a remote network over the Internet or are you connecting to computers on the same LAN or maybe a corporate WAN? Are the computers behind the firewall accessible from your computer (can you ping their IP? if you are accessing from the Internet, are they using public or private IPs?)

If the server is acting as a firewall and router effectively hiding the computers behind it, you will need to configure the server/firewall for port forwarding to allow you to connect to the computers on the internal network. If the server is just blocking the traffic and not performing NAT, then you just need to add a rule to allow RDP to whatever computer you want to connect to.

Another way of getting to the computers in the network would be to RDP to the server, then RDP from there to the computers on the inside.

If you still need help, please provide us with more details about how the network is setup and exactly what you are trying to do.
0
 
Eugene_PalmerAuthor Commented:
Hi,

I able to connect using the server address remote.xxxx.xxx either remotely or on the lan, then result is the same, a desktop session to the server which makes sense since that is how the normal port forwarding works through the firewall Internet resolve "remote.xxxx.xxx" to internet IP address> firewall> 3389 port forward>server IP.  Great, but I have several users who would like to connect to their Windows desktops from their home MACS (big surprise) and I cannot simply hand them the server credentials and have piggybacked remote sessions running amok.

So, the SBS 2008 server is not acting as a firewall, but routes the users through the TS gateway.  The RDP clients CoRD and MS RDP do not seem to have a mechanism for having the users be routed differently from the fixed firewall rules.

This may not be possible, but it seems so close.  I have tried remote.xxxx.xxx:LAN IP, remote.xxxx.xxx\computername which of course don't work.

I doubt having a port forward rule that has a different port for each computer on the LAN would work either since they would not be routed through the TS gateway and how would the RDP client know which user was which?  If you input WAN IP:3390 on the RDP client would that = machine "A" WAN IP:3391= machine "B" etc?
0
 
junior15Commented:
Actually, it looks like TS gateway on SBS 2008 will do what you want. Here is a page that describes some options:
http://blogs.technet.com/b/sbs/archive/2008/09/26/can-i-use-terminal-services-in-sbs-2008.aspx
and here is a step-by-step for setting up TS gateway:
http://technet.microsoft.com/en-us/library/cc771530(WS.10).aspx

There are quite a few steps, but you've probably already got some of them done if you have the TS gateway setup. It's possible you just need to configure it allow access to the computers you want to allow access to.

If you take a look at those links and still need help, let us know where you need more help at and we'll see what we can do.

Hope this helps.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Eugene_PalmerAuthor Commented:
RWW already works perfectly and has since it's installation.  That is not the question.  Does the mac rdp client support user routing is the question.
0
 
junior15Commented:
From what I can find, the MS RDP client for Mac OS X doesn't support TS Gateway. I did find one that does: http://itap-mobile.com/desktop/rdp

Hope this helps.
0
 
Eugene_PalmerAuthor Commented:
ok, so if 3389 is forwarded to a specific machine and RWW does not use 3389 one client should work and not break the RWW others are using.  Wild shot is to then have the 2nd CoRD rdp type in remote.xxxxxx.xxx:3390 and port forward that to the second lan machine ip?  I'll try it and doubt it will work.  Machine rdp host would need to accept port change.
0
 
junior15Commented:
You should be able to setup a rule in the firewall to forward the traffic from WAN port 3390 to port 3389 on a specific computer on the LAN. You can setup any port on the outside to forward to any port on the inside. This is what I used to do with my computers on my home network. Port 3390 would forward to 192.168.1.1 port 3389, port 3391 would forward to port 3389 on 192.168.1.2 and so on. You can do this for every computer on your LAN if you want to. Something to consider though, is that this will allow anybody to RDP directly to those computers. They will still need credentials to login to the computer, so it's not wide open, but it is something to keep in mind.

Hope this helps.
0
 
Eugene_PalmerAuthor Commented:
I have been banging at this and have at least some success in a test environment, but can't get it going in production.  When I changed the firewall rules on a Sonicwall TZ190 to allow port 3389 WAN>LAN to an individual machine on the SBS LAN I could then RDP from a Mac running CoRD.  

This does not affect the function of SBS RWW as I can still connect to any SBS LAN machine with RWW.  I gather the  SBS TS gateway is handling the forwarding of 443 to individual machines on 3389.  So at least that works, next I'll try the multiple 3390>3389, 3391>3389.

When I changed the same firewall rule on a Sonicwall NSA240 to allow 3389 to an individual machine on an SBS LAN I still can't connect.  I've been going over the firewall and can't find why it's not working.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now