I have owned your book for quite some time and have found it very helpful. We are testing ISA2k4 and have it mostly configured. One issue we are still struggling with is Remote Desktop into our internal network from the outside. We see the Terminal Services protocol but that appears to be for outbound versus inbound.
We can establish a VPN connection through ISA, but not Remote Desktop. We have this working on our ISA2K server. Any help would be greatly appreciated.
I've done it too. On a default installation of ISA 2004, the first thing I did was make a protocol definition for Terminal Services. On the "primary connection information" page of the "new protocol definition" wizard, click "new". Here you can select TCP as protocol type and Inbound as direction. In the port range you only have to fill in "3389" in the from-field. That should do it...
Thanks everyone for your comments. We attempted to use the server publishing rule for inbound RDP access and the only thing we got it to work with was the ISA server itself (which is also the VPN server). Any ideas?
Just a thought: if you have it working on the ISA server itself, the port might be in use (actually it will be in use and the publishing won't work). Try to disable terminal server on the ISA server, then do a netstat -a -n to see that no port 3389 is in use, then publish the internal server, do a netstat -a -n to see that port 3389 is 'listening' on the correct NIC, and try to do an RDP session FROM the firewall TO the internal server (if it doesn't work, it won't be able to publish the server anyway).
You might also need to allow 'External' network access to port 3389 to the 'Internal' network.
Make sure that the RDP services on the ISA box are listening only on the internal interface. That was easy to do with Terminal Services, because you can use the Terminal Services manager. I haven't looked into how to do that with Remote Desktop on the Windows 2003 box.
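The netstat checks suggested in the replies above can be scripted. The following is an added example, not code from any poster in this thread: it parses `netstat -a -n` output and reports which NIC port 3389 is listening on, so you can tell whether the ISA box's own Terminal Services already holds the port on the external interface. The sample output, the IP addresses and the function names are constructed for illustration.

```python
# Constructed `netstat -a -n` output (Windows layout); all addresses are made up.
TS_ON_ALL_NICS = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  UDP    0.0.0.0:500            *:*
"""
TS_INTERNAL_ONLY = """\
  Proto  Local Address          Foreign Address        State
  TCP    10.0.0.1:3389          0.0.0.0:0              LISTENING
  TCP    10.0.0.1:1045          10.0.0.20:3389         ESTABLISHED
"""

def rdp_listeners(netstat_text, port=3389):
    """Local addresses holding a TCP socket in LISTENING state on `port`."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have 4 columns: proto, local, foreign, state (UDP rows have 3).
        if len(fields) != 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, local_port = fields[1].rpartition(":")
        if local_port == str(port):
            found.add(host)
    return found

def label_bindings(netstat_text, external_ip, internal_ip, port=3389):
    """Map each listener to the NIC it is bound to."""
    names = {"0.0.0.0": "all-interfaces", external_ip: "external", internal_ip: "internal"}
    return {names.get(addr, "other:" + addr) for addr in rdp_listeners(netstat_text, port)}

def external_port_free(netstat_text, external_ip, internal_ip, port=3389):
    """True when nothing local already holds `port` on the external NIC."""
    labels = label_bindings(netstat_text, external_ip, internal_ip, port)
    return not ({"all-interfaces", "external"} & labels)

if __name__ == "__main__":
    for name, text in (("all NICs", TS_ON_ALL_NICS), ("internal only", TS_INTERNAL_ONLY)):
        print(name, sorted(label_bindings(text, "203.0.113.10", "10.0.0.1")),
              "external port free:", external_port_free(text, "203.0.113.10", "10.0.0.1"))
```

Run it against output captured before creating the publishing rule; a result of "all-interfaces" or "external" means the local RDP listener still occupies the socket the rule needs.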