Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Terminal server secure
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Terminal server secure - 4.May2004 11:50:00 AM
|
|
|
Marc D
Posts: 2
Joined: 29.Apr.2004
Status: offline
|
Hey,
We are testing the beta2 version of ISA-server 2004.
We want to publish a 2003 terminal server using ISA, and it must be secure.
Using a browser we make a connection using http. After the authentication we receive the TS screen.
Everyhtings work fine when we use an access rule for RDP. The problem is that with this rule the RDP port (3389) is always open to everyone.
We want to create a rule that is only available when the user is authenticated. For this we used the user set 'all authenticated users' on the access-list but that doesn't work.
Does anyone knows a secure way to publush a Terminal Server 2003 to the web using ISA 2004?
Marc.
|
|
|
|
|
RE: Terminal server secure - 4.May2004 12:12:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Marc,
Users still have to log on in order to access the RDP site. Make sure to force 128bit encryption and you can also limit what IP addresses can have access to the site. The HTTP form is just a convenience -- it confers NO security.
HTH,
Tom
|
|
|
|
|
RE: Terminal server secure - 4.May2004 8:42:00 PM
|
|
|
penrose.l@2college.nl
Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
|
Hi Marc,
You have at least 3 reasonable options :
1) wait for Service pack 1 for Windows 2003 , it has 128 bit encrrypted RDP.
2) use RDP over http , and encrypt your http session.
3) Use an encrypted VPN tunnel to access your site and then use RDP
All have advantages and disadvantages ,
good luck ,
Lex P.
|
|
|
|
|
RE: Terminal server secure - 7.May2004 12:36:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Lex,
Win2k supports 128bit RDP encryption right out of the box.
Right now, there is no RDP over HTTP. I heard a rumor that they would included RPC over SSL in Win2003 SP1, but I haven't seen it yet.
If you use L2TP/IPSec, that helps protect against brute force attacks, since the attacker is unlikely to have a computer certificate.
Thanks!
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
