Solved

RemoteApp Server 2008 R2

Posted on 2012-12-27
8
1,042 Views
Last Modified: 2013-11-21
Hello,

When we deploy RemoteApp in Server 2008 R2. Upon clicking on the app:

1) Is the application opened using port 80/443  or still uses 3389?
2) Is there anyway to just move RemoteApp data on 80/443 and block 3389?
3) Is there a way to disable RDP and only enable RemoteApp. My understanding of RemoteApp is that it still uses RDP to open the Apps, but not exactly sure..

Thanks
0
Comment
Question by:masdf123
8 Comments
 
LVL 13

Expert Comment

by:rhinoceros
ID: 38726200
0
 
LVL 4

Expert Comment

by:jjjosef
ID: 38726216
Have a look at the article published on Expert-Exchange itself

It might be helpful for You

Expert Exchange Article

For your Third Query follow the bellow procedure
      
Go to the RDP properties in Terminal Services Configuration Console
In environment tab, select the option "Start the following program when the user....”
Path: c:\windows\system32\logoff.exe
 Start in: c:\windows\system32
0
 
LVL 1

Author Comment

by:masdf123
ID: 38726960
Can someone please answer my questions specifically?
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 334 total points
ID: 38730891
I think a general answer, will answer all 3 questions.
If you enable the TS Gateway service, when you connect to the server you use only port 443 to access the server.  You are authenticated, and then the TS Gateway server uses port 3389 internally to connect to the Terminal Server (now called Remote Desktop Services (RDS)  server, which can be but does not need to be the same server.  In this case external access to port 3389 is not needed at all, no router/firewall opening or port forwarding for port 3389 is required.  Port 3389 is only needed internally, but is needed.  Without the TS Gateway service port 3389 is required externally.  RDP is always needed, even with RemotApps, as it is the protocol/service used for accessing and communicating with the server or PC to which you are connecting.  It is possible to change the the RDP listening port to something other than 3389.

These days due to a virus that spreads via RDP and port 3389, the TS Gateway service, which uses SSL, should always be used instead of direct connections using 3389.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 166 total points
ID: 38732529
1) Is the application opened using port 80/443  or still uses 3389?

3389

2) Is there anyway to just move RemoteApp data on 80/443 and block 3389?

Kindof. You can set RDP port to anything you like but you will find issues if it conflicts with another used port, like 443. This doesnt change how it connects, it just changes the port number.
You should try the Web Access feature of Remoteapp, as that uses port 443 (https) and may do what you want.


3) Is there a way to disable RDP and only enable RemoteApp. My understanding of RemoteApp is that it still uses RDP to open the Apps, but not exactly sure..

Again, it's a yes & no. You can use remote web apps and block port 3389 completely, or just set the TS to log users straight off if they log in directly (using login script or group policy etc.)
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 334 total points
ID: 38733133
As mentioned, if TS Gateway is used there is no need for 3389 or any other redirected port. Handshaking and Internet to server RDP traffic all uses SSL/443.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CITRIX Xenapp 7.6 and RDS licensing 8 47
Why does my public IP keep changing? 6 64
PowerShell .lastLogonTimestamp off 11 26
Active Directory Photo Tab 4 25
Synchronize a new Active Directory domain with an existing Office 365 tenant
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question