• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Discussion about part 3 of article on publishing TSAC sites

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Discussion about part 3 of article on publishing TSAC sites Page: [1] 2   next >   >>
Login
Message << Older Topic   Newer Topic >>
Discussion about part 3 of article on publishing TSAC s... - 5.Feb.2006 6:24:11 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
This thread is for discussing part 3 of the article series on how to publish TSAC sites at http://www.isaserver.org/tutorials/Publishing-Remote-Desktop-Web-Connection-Sites-ISA-Firewall-Part3.html

Thanks!
Tom

< Message edited by tshinder -- 5.Feb.2006 8:24:47 PM >


_____________________________

Thomas W Shinder, M.D.
Post #: 1
RE: Discussion about part 2 of article on publishing TS... - 5.Feb.2006 6:54:37 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
Hmmm...
Topic says Part 2, body and link say Part 3.

_____________________________

The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.

(in reply to tshinder)
Post #: 2
RE: Discussion about part 2 of article on publishing TS... - 5.Feb.2006 8:24:28 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Les,

Whoops!!

I'll fix that

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to LLigetfa)
Post #: 3
RE: Discussion about part 3 of article on publishing TS... - 11.Feb.2006 11:25:35 AM   
RS_TURBO

 

Posts: 20
Joined: 7.Feb.2006
Status: offline
Hi

Can anyone confirm Tsweb works with ISA 2004 SP2 installed?

It only works with SP1 installed for me that is. With SP2 installed i get the error "Cannot find server or DNS error"

Regards

RS

(in reply to tshinder)
Post #: 4
RE: Discussion about part 3 of article on publishing TS... - 12.Feb.2006 7:42:39 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi RS,

What errors in the ISA firewall log do you see for the failed connections?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to RS_TURBO)
Post #: 5
RE: Discussion about part 3 of article on publishing TS... - 14.Feb.2006 7:01:33 AM   
RS_TURBO

 

Posts: 20
Joined: 7.Feb.2006
Status: offline
Tom

It was only an IE issue! I re-installed IE by right clicking ie.inf-->install and after that everything worked fine!

My next mission is to try and use TSweb but re-direct the RDP port so it's not on 3389. I dont like the idea of someone using RDP straight through the firewall.  Am i wasting my time?? anyway i will let you know how it goes.

regards

RS

(in reply to tshinder)
Post #: 6
RE: Discussion about part 3 of article on publishing TS... - 14.Feb.2006 7:29:22 PM   
PatrickPinto

 

Posts: 57
Joined: 5.Oct.2005
Status: offline
Tom,

I followed the articles and have run into a proble. I can get to my terminal services logon page at http://ts.pennoni.com/tsweb but once I enter the server name of what I want to connect to I get an error saying the server is not available. The rdp server and and remote desktop web connection is one and the same server.

Any ideas why this would happen?

Just some info...I have my isa 2004 box set up in a pix-isa (one nic going to dmz nic on the pix and the other on internal lan)

Patrick

(in reply to tshinder)
Post #: 7
RE: Discussion about part 3 of article on publishing TS... - 14.Feb.2006 7:33:45 PM   
PatrickPinto

 

Posts: 57
Joined: 5.Oct.2005
Status: offline
I also published another server just to test it and that did not work either...and rdp is enabled on both them

(in reply to PatrickPinto)
Post #: 8
RE: Discussion about part 3 of article on publishing TS... - 14.Feb.2006 10:48:56 PM   
RS_TURBO

 

Posts: 20
Joined: 7.Feb.2006
Status: offline
Check live logging and see exactly what RDP is trying to do?

Have you checked you can striaght RDP via ts.pennoni.com?

Are you using ts.pennoni.com as the server name?

regards

RS

(in reply to PatrickPinto)
Post #: 9
RE: Discussion about part 3 of article on publishing TS... - 15.Feb.2006 2:20:41 PM   
PatrickPinto

 

Posts: 57
Joined: 5.Oct.2005
Status: offline
I cannot straight rdp to ts.pennoni.com...I can onoy get to it if I type http://ts.pennoni.com/tsweb

The actual servername is phl-term-01

Any ideas? How do I enable and check live logging?

Thanks for the help.

(in reply to RS_TURBO)
Post #: 10
RE: Discussion about part 3 of article on publishing TS... - 15.Feb.2006 5:03:28 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
quote:

ORIGINAL: RS_TURBO

Tom

It was only an IE issue! I re-installed IE by right clicking ie.inf-->install and after that everything worked fine!

My next mission is to try and use TSweb but re-direct the RDP port so it's not on 3389. I dont like the idea of someone using RDP straight through the firewall.  Am i wasting my time?? anyway i will let you know how it goes.

regards

RS


Hi RS,

Great! I figured it had to be something other than an ISA firewall issue.

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to RS_TURBO)
Post #: 11
RE: Discussion about part 3 of article on publishing TS... - 16.Feb.2006 4:34:11 AM   
RS_TURBO

 

Posts: 20
Joined: 7.Feb.2006
Status: offline
PatrickPinto to check live logging you need to expand your server and click Monitoring-->click the tab "Logging"-->click start new query.

Make sure you publish RDP server so it listens in on the ip address of ts.pennoni.com.
 
When you browse http://ts.pennoni.com/tsweb you need to enter ts.pennoni.com as the server name not the internal server name.
 
regards
 
RS

(in reply to tshinder)
Post #: 12
RE: Discussion about part 3 of article on publishing TS... - 16.Feb.2006 8:41:07 PM   
PatrickPinto

 

Posts: 57
Joined: 5.Oct.2005
Status: offline
Thanks so much RS. This is what I see through live logging

Destination ip 192.168.54.x (internal ip of ts box) Protocol 3389 RDP (terminal Services) Action is Denied Rule is Default Rule Source Network is external and Destination is localhost?

Why would it be denying it? I thought my server publishing rule would allow it?

Your also wrote - Make sure you publish RDP server so it listens in on the ip address of ts.pennoni.com. I am not sure I understamd..where and how to do this?
 
Thanks so much.

(in reply to tshinder)
Post #: 13
RE: Discussion about part 3 of article on publishing TS... - 17.Feb.2006 2:31:28 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Patrick,

Have you bound to RDP listener to the internal only? If not, do that now.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to PatrickPinto)
Post #: 14
RE: Discussion about part 3 of article on publishing TS... - 18.Feb.2006 3:25:05 AM   
lightiv

 

Posts: 42
Joined: 11.Feb.2001
Status: offline
Hi Patrick,

I'm not sure if it has been covered but everytime I have to install OWA after a long period of time I have problems.  For me it is an easy fix but remebering what to do is what gets me.  Anyway here is my little bit of advice:

If you have IIS installed on the ISA server make sure you do not use the default of Port 80 and Port 443 in IIS.  IIS was claiming these ports before ISA so everytime I tried to OWA in it would fail.  I noticed here on the board that Tom said look at the Alerts tab in Monitoring on ISA and there I found that the web proxy filter failed to bind to port 443.  The error message said that this usually happens when another application uses the port...  With this piece of information I stopped and thought about it and whammo it hit me.

I hope this helps.

Paul

(in reply to tshinder)
Post #: 15
RE: Discussion about part 3 of article on publishing TS... - 18.Feb.2006 4:01:21 AM   
lightiv

 

Posts: 42
Joined: 11.Feb.2001
Status: offline
Hi Tom,

If I understand all this correctly...RDP has its own encryption (I read this on Microsoft site) so using the TSAC is no different than using TSWEB because RDP does not tunnel inside of the HTTP/HTTPS.  Basically TSWEB initiates the connection but RDP then makes its own independent connection.

The only purpose of the TSWEB is so that you can use the ActiveX client and do not have to use the TSAC.

Did I get this all right?

Thanks,

Paul

(in reply to lightiv)
Post #: 16
RE: Discussion about part 3 of article on publishing TS... - 18.Feb.2006 6:16:20 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Paul,

You're absolutley right!

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to lightiv)
Post #: 17
RE: Discussion about part 3 of article on publishing TS... - 28.Feb.2006 3:53:37 AM   
PatrickPinto

 

Posts: 57
Joined: 5.Oct.2005
Status: offline
Hey all...still having the same problem.

if anyone can take a look at https://ts.pennoni.com/tsweb you will see the remote desktop web page loads up. If you put in the servername of ts.pennoni.com and click connect it seems to hang for awhile like it is trying to do something but then I get an error saying it could not connect to the rremote computer.

I figure I have the the web publishing rule set up correctly if I can get this far. And I have published the actual terminal server correctly. Any ideas of where I am going wrong?

(in reply to tshinder)
Post #: 18
RE: Discussion about part 3 of article on publishing TS... - 5.Mar.2006 3:44:24 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Patrick,

Actually, the URL gets you to the OWA page.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to PatrickPinto)
Post #: 19
RE: Discussion about part 3 of article on publishing TS... - 10.Mar.2006 11:02:28 PM   
PatrickPinto

 

Posts: 57
Joined: 5.Oct.2005
Status: offline
Sorry Tom, I was messing around. Can you take a look at it now?

Thanks for all your help.

(in reply to tshinder)
Post #: 20

Page:   [1] 2   next >   >> << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Discussion about part 3 of article on publishing TSAC sites Page: [1] 2   next >   >>
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts