Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Publish RDP Server on W2003 Server behing Isa 2006 enterprise

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> Publish RDP Server on W2003 Server behing Isa 2006 enterprise Page: [1]
Login
Message << Older Topic   Newer Topic >>
Publish RDP Server on W2003 Server behing Isa 2006 ente... - 30.Jun.2008 9:38:19 AM   
orlandohg

 

Posts: 4
Joined: 30.Jun.2008
Status: offline 		Dear Friends, i try to explain my problem.

1. I have a Router with an Public Ip and the router port 3389 go to the Isa Interface where service is listening. The Isa has in the nic 172.16.0.6 and router 172.16.0.5.
2. The internal network RDP Server IP is 192.168.13.18.
3. I Publish the server rule with the Assistant of Isa.

When I try to connect to my public ip in the Isa Log say that
Deny Conexion - Enterprise Default Rule - 0xc004000dFWX_E_POLICY_RULES_DENIED

I try to public the service on other port but I obtain the same result.
The publish server is a nat client of Isa, but at the moment the problem appears that the isa not route the conecctio to the server.
ŋis necessary anything more? Perhaps network rules
I donīt understand what is the problem, could somebody help me.
Post #: 1
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 1.Jul.2008 7:48:24 AM   
tshinder

 

Posts: 47010
Joined: 10.Jan.2001
From: Texas
Status: offline 		Make sure the RDP listener on the ISA firewall itself is configured to listen only on the internal interface.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to orlandohg)
Post #: 2
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 1.Jul.2008 1:32:33 PM   
orlandohg

 

Posts: 4
Joined: 30.Jun.2008
Status: offline 		Dear Tom, now the RDP listener listen only on the internal interface, but this wasnīt the problem why, I had try connect over other ports differents 3389 and obtained the same result.

This morning reviewing all the configuration I've seem that the oversight panel alerts have an error in publishing server that says: 
Description: Error in Rule Publication Publication X server because there is no valid listening network. To reach that requests the server published, there must be a relationship between networks listening selected and  networks published server. Location of error: 325.957.5.0.5720.100.
The error is due to the following: 0x8007000d I donīt understand this error due to when i configure all i do the next steps: 1. Add a new external network when is the public ip router.2. Add a new network relationship between external network interface where is the server to publish and and internal network interface using nat as relation.3. Add a new publish server rule listen esternal network interface an with the ip of the server to poblish. where do yo think is the problem? Thanks for all  

(in reply to tshinder)
Post #: 3
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 2.Jul.2008 9:49:48 AM   
tshinder

 

Posts: 47010
Joined: 10.Jan.2001
From: Texas
Status: offline 		What is the definition of your default Internal Network?

What is the IP address on the external interface of the firewall?
What is the IP address on the internal interface of the firewall?

Did you create new ISA Firewall Networks? If so, remove them

Do you have a Network Rule that connects Internal to External? Is it Route or NAT?

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to orlandohg)
Post #: 4
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 3.Jul.2008 8:12:51 PM   
orlandohg

 

Posts: 4
Joined: 30.Jun.2008
Status: offline 		Dear Tom, I have already succeeded in establishing a connection using a scenario of two network cards internal an external. I have been able to access the network server internal published. The problem was in the rules of network, allowing traffic to the internal external, but not from internal to external.

Now I have added another network that connects isa to a vpn between several offices of my company. The vpn is managed by the telephone company. What is the form to define this network in Isa to be able to publish the internal network server through this Vpn.  Internal Server: 192.168.13.18/24Internal Lan Isa: 192.168.13.6/24External Lan Isa to VPN: 172.16.0.6Router VPN: 172.16.0.5VPN Client: 10.227.128.X If i defined the Vpn as an external network, and i create network rules between internal an Vpn network and publish the server, when i try to connect from vpn client in the isa log says that 10.227.128.X not is in my networks. If add this network to the VPN Network, i obtain an error of configuration in Dashboard. I think that i must define the VPN Network in Isa as VPN network but i donīt do it. what do you think about this? Thanks.


(in reply to tshinder)
Post #: 5
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 6.Jul.2008 9:51:55 AM   
tshinder

 

Posts: 47010
Joined: 10.Jan.2001
From: Texas
Status: offline 		Did you create a static address pool for the remote access VPN clients?

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to orlandohg)
Post #: 6
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 6.Jul.2008 7:02:33 PM   
orlandohg

 

Posts: 4
Joined: 30.Jun.2008
Status: offline 		I supose that when you say that if i have created a static address pool for the remote access VPN clients, you arenīt understanding me or Iīm not explain good my problem.

I have added another network that connects isa to a vpn between several offices of my company. The vpn is managed by the telephone company not for the isa. What is the form to define this network in Isa to be able to publish the internal network server through this Vpn.

The problem is when a client in the other office try to connect with the 10.227.127.x address the isa sever stops this packets why say that is not in its networks, the isa network that connects with this has the 172.16.0.6, and if I add the 10.227.127.x address in the net, the isa show an alert of bad configuration.

Understand me now ?

Thannk for your time in my problem


(in reply to tshinder)
Post #: 7
RE: Publish RDP Server on W2003 Server behing Isa 2006 ... - 7.Jul.2008 9:51:16 AM   
tshinder

 

Posts: 47010
Joined: 10.Jan.2001
From: Texas
Status: offline 		You can't put the 10.227.127 Network in the defintiion of the default Internal Network if those addresses aren't reachable from that NIC.

Create a new ISA Firewall Network for the 10.227.127 network. Then create a Network Rule to connect the default Internal Network to the 10.227.127 network.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to orlandohg)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> Publish RDP Server on W2003 Server behing Isa 2006 enterprise Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts