Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
RE: Discussion about part 3 of article on publishing TSAC sites
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
RE: Discussion about part 3 of article on publishing TS... - 15.Mar.2006 3:28:46 PM
|
|
|
tshinder
Posts: 46971
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Patrick,
I'm getting a forbidden message. Looks like maybe the public name isn't configured correctly in the Web Publishing Rule.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 1.Jan.2007 10:04:31 PM
|
|
|
Sunny.C
Posts: 800
Joined: 5.Apr.2005
From: sydney
Status: offline
|
Hey guys,
Just wondering how to get this working on ISA 2006 when you are using a SSL listener for OWA aswell.
Thanks.
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 19.Jan.2008 3:30:07 AM
|
|
|
mortem
Posts: 2
Joined: 19.Jan.2008
Status: offline
|
Hi,
I just did the install in on my testing ISA 2004 SP2 server and everthing seems to work well.
Only downside was when i tested
PS: my clients are windows XP SP2 with IE7 or Windows 2003 std SP2 with IE7 too.
Here are my 2 problems:
1- This problem is not serious but when i put the URL https://mywebsite, i can access it. I can access only when i https://mywebsite/tsweb. Is it normal? Is it possible to redirect the URL, like that, i would have to write /tsweb...
2- This is my real problem: when i put my URL https://mywebsite/tsweb, I have the windows popup to write my login and password and after that, i've the web page to connect on client that is open. So, everything is normal.
But on the top of page, i have the security warning that tell me to install "terminal services activex client" module. This is also normal but when i do it... it doesn't install. The warning is still at the top and the "connect" tab is always impossible to clic.
I was thinking this can come from my IIS, so i connected directly on it from my internal network and i'v been able to install the module. It seems this problem occure only when i'm on the External side of my ISA server. Does someone as an idea?
Thanks a lot for your help.
PM
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 20.Jan.2008 1:06:45 PM
|
|
|
tshinder
Posts: 46971
Joined: 10.Jan.2001
From: Texas
Status: offline
|
1. You can create a Deny Web Publishing Rule on the ISA Firewall and redirect to the Https site
2. You might have to configure the clients to allow ActiveX by changing the security settings on the browser.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 20.Jan.2008 2:27:39 PM
|
|
|
mortem
Posts: 2
Joined: 19.Jan.2008
Status: offline
|
Hi tshinder,
I'm sorry but your solution doesn't apply to my problem.
My browser works well because when i contact the website from my internal network (so without passing the ISA), i can download the ActiveX Control.
But when i'm outside, this is impossible
And I did a rule that allow all trafic from the Inside to the Outside.
Does anyone has encountered this problem and know a solution?
thanks a lot
PM
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 20.Jan.2008 6:01:38 PM
|
|
|
Sunny.C
Posts: 800
Joined: 5.Apr.2005
From: sydney
Status: offline
|
quote:
My browser works well because when i contact the website from my internal network (so without passing the ISA), i can download the ActiveX Control.
But when i'm outside, this is impossible
And I did a rule that allow all trafic from the Inside to the Outside.
As Tom said sounds like a Browser problem or even firewall issue on the local pc. Are you getting any errors in your logs? You might want to check your browser security setting, make sure it is not blocking the externally address.
What does your TS rule looking like?
< Message edited by Sunny.C -- 20.Jan.2008 6:03:41 PM >
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 21.Apr.2008 7:40:10 AM
|
|
|
birdan
Posts: 3
Joined: 19.Apr.2008
Status: offline
|
Hi
I'm using the ISA 2004 with "Remote Desktop Web Connection - External Interface of the ISA Firewall uses a Private IP Address" since a few days - and it works perfect! Thanks!
Now I have to "enhance" the security trough a company security policy. The clients have to install a SSL certificate on the private computer to logon the company server with the "Remote Desktop Web Connection" feature. I've tried to add the “SSL certificate” option in the “SSL Listener” additional to the “Basic” Authentication. Now – when I connect to server - the ISA server ask for a username, password and the certificate – but I can choose any certificate or just abort this dialog box – I always can logon the server. I think my way is the wrong way, isn’t?
I have two of the ISA server books and some Internet articles about ISA 2004 but I can’t find any solution. Is there solution available?
Daniel Birrer
info@birdan.org
Switzerland
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 22.Apr.2008 1:59:34 PM
|
|
|
tshinder
Posts: 46971
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Daniel,
Not sure what you're trying to accomplish here. Are you trying to enforce User Certificate Authentication to access the Remote Desktop Web Connection Site?
Thanks!
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 24.Apr.2008 10:45:21 AM
|
|
|
tshinder
Posts: 46971
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Daniel,
I don't think I covered User Certificate Authentication in the books.
In order for the ISA Firewall to support User Certificate authentication, you need to enable KCD on the ISA Firewall, or use a Server Publishing Rule to publish the secure site so that the client can auth directly with the Web site.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Discussion about part 3 of article on publishing TS... - 28.Apr.2008 4:38:01 AM
|
|
|
birdan
Posts: 3
Joined: 19.Apr.2008
Status: offline
|
Hi Tom,
I will check and try this in the next days.
Thank you for your help,
Daniel
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
Thanks! 