Discussion about part 3 of article on publishing TSAC sites (Full Version)

All Forums >> [ISA Server 2004 General ] >> Server Publishing



Message


tshinder -> Discussion about part 3 of article on publishing TSAC sites (5.Feb.2006 6:24:11 PM)

This thread is for discussing part 3 of the article series on how to publish TSAC sites at http://www.isaserver.org/tutorials/Publishing-Remote-Desktop-Web-Connection-Sites-ISA-Firewall-Part3.html

Thanks!
Tom




LLigetfa -> RE: Discussion about part 2 of article on publishing TSAC sites (5.Feb.2006 6:54:37 PM)

Hmmm...
Topic says Part 2, body and link say Part 3.




tshinder -> RE: Discussion about part 2 of article on publishing TSAC sites (5.Feb.2006 8:24:28 PM)

Hi Les,

Whoops!!

I'll fix that [&:]

Thanks!
Tom




RS_TURBO -> RE: Discussion about part 3 of article on publishing TSAC sites (11.Feb.2006 11:25:35 AM)

Hi

Can anyone confirm Tsweb works with ISA 2004 SP2 installed?

It only works with SP1 installed for me that is. With SP2 installed i get the error "Cannot find server or DNS error"

Regards

RS




tshinder -> RE: Discussion about part 3 of article on publishing TSAC sites (12.Feb.2006 7:42:39 PM)

Hi RS,

What errors in the ISA firewall log do you see for the failed connections?

Thanks!
Tom




RS_TURBO -> RE: Discussion about part 3 of article on publishing TSAC sites (14.Feb.2006 7:01:33 AM)

Tom

It was only an IE issue! I re-installed IE by right clicking ie.inf-->install and after that everything worked fine!

My next mission is to try and use TSweb but re-direct the RDP port so it's not on 3389. I dont like the idea of someone using RDP straight through the firewall.  Am i wasting my time?? anyway i will let you know how it goes.

regards

RS




PatrickPinto -> RE: Discussion about part 3 of article on publishing TSAC sites (14.Feb.2006 7:29:22 PM)

Tom,

I followed the articles and have run into a proble. I can get to my terminal services logon page at http://ts.pennoni.com/tsweb but once I enter the server name of what I want to connect to I get an error saying the server is not available. The rdp server and and remote desktop web connection is one and the same server.

Any ideas why this would happen?

Just some info...I have my isa 2004 box set up in a pix-isa (one nic going to dmz nic on the pix and the other on internal lan)

Patrick




PatrickPinto -> RE: Discussion about part 3 of article on publishing TSAC sites (14.Feb.2006 7:33:45 PM)

I also published another server just to test it and that did not work either...and rdp is enabled on both them




RS_TURBO -> RE: Discussion about part 3 of article on publishing TSAC sites (14.Feb.2006 10:48:56 PM)

Check live logging and see exactly what RDP is trying to do?

Have you checked you can striaght RDP via ts.pennoni.com?

Are you using ts.pennoni.com as the server name?

regards

RS




PatrickPinto -> RE: Discussion about part 3 of article on publishing TSAC sites (15.Feb.2006 2:20:41 PM)

I cannot straight rdp to ts.pennoni.com...I can onoy get to it if I type http://ts.pennoni.com/tsweb

The actual servername is phl-term-01

Any ideas? How do I enable and check live logging?

Thanks for the help.




tshinder -> RE: Discussion about part 3 of article on publishing TSAC sites (15.Feb.2006 5:03:28 PM)

quote:

ORIGINAL: RS_TURBO

Tom

It was only an IE issue! I re-installed IE by right clicking ie.inf-->install and after that everything worked fine!

My next mission is to try and use TSweb but re-direct the RDP port so it's not on 3389. I dont like the idea of someone using RDP straight through the firewall.  Am i wasting my time?? anyway i will let you know how it goes.

regards

RS


Hi RS,

Great! I figured it had to be something other than an ISA firewall issue.

Thanks!
Tom




RS_TURBO -> RE: Discussion about part 3 of article on publishing TSAC sites (16.Feb.2006 4:34:11 AM)

PatrickPinto to check live logging you need to expand your server and click Monitoring-->click the tab "Logging"-->click start new query.

Make sure you publish RDP server so it listens in on the ip address of ts.pennoni.com.
 
When you browse http://ts.pennoni.com/tsweb you need to enter ts.pennoni.com as the server name not the internal server name.
 
regards
 
RS




PatrickPinto -> RE: Discussion about part 3 of article on publishing TSAC sites (16.Feb.2006 8:41:07 PM)

Thanks so much RS. This is what I see through live logging

Destination ip 192.168.54.x (internal ip of ts box) Protocol 3389 RDP (terminal Services) Action is Denied Rule is Default Rule Source Network is external and Destination is localhost?

Why would it be denying it? I thought my server publishing rule would allow it?

Your also wrote - Make sure you publish RDP server so it listens in on the ip address of ts.pennoni.com. I am not sure I understamd..where and how to do this?
 
Thanks so much.




tshinder -> RE: Discussion about part 3 of article on publishing TSAC sites (17.Feb.2006 2:31:28 PM)

Hi Patrick,

Have you bound to RDP listener to the internal only? If not, do that now.

HTH,
Tom




lightiv -> RE: Discussion about part 3 of article on publishing TSAC sites (18.Feb.2006 3:25:05 AM)

Hi Patrick,

I'm not sure if it has been covered but everytime I have to install OWA after a long period of time I have problems.  For me it is an easy fix but remebering what to do is what gets me.  Anyway here is my little bit of advice:

If you have IIS installed on the ISA server make sure you do not use the default of Port 80 and Port 443 in IIS.  IIS was claiming these ports before ISA so everytime I tried to OWA in it would fail.  I noticed here on the board that Tom said look at the Alerts tab in Monitoring on ISA and there I found that the web proxy filter failed to bind to port 443.  The error message said that this usually happens when another application uses the port...  With this piece of information I stopped and thought about it and whammo it hit me.

I hope this helps.

Paul




lightiv -> RE: Discussion about part 3 of article on publishing TSAC sites (18.Feb.2006 4:01:21 AM)

Hi Tom,

If I understand all this correctly...RDP has its own encryption (I read this on Microsoft site) so using the TSAC is no different than using TSWEB because RDP does not tunnel inside of the HTTP/HTTPS.  Basically TSWEB initiates the connection but RDP then makes its own independent connection.

The only purpose of the TSWEB is so that you can use the ActiveX client and do not have to use the TSAC.

Did I get this all right?

Thanks,

Paul




tshinder -> RE: Discussion about part 3 of article on publishing TSAC sites (18.Feb.2006 6:16:20 PM)

Hi Paul,

You're absolutley right!

Tom




PatrickPinto -> RE: Discussion about part 3 of article on publishing TSAC sites (28.Feb.2006 3:53:37 AM)

Hey all...still having the same problem.

if anyone can take a look at https://ts.pennoni.com/tsweb you will see the remote desktop web page loads up. If you put in the servername of ts.pennoni.com and click connect it seems to hang for awhile like it is trying to do something but then I get an error saying it could not connect to the rremote computer.

I figure I have the the web publishing rule set up correctly if I can get this far. And I have published the actual terminal server correctly. Any ideas of where I am going wrong?




tshinder -> RE: Discussion about part 3 of article on publishing TSAC sites (5.Mar.2006 3:44:24 PM)

Hi Patrick,

Actually, the URL gets you to the OWA page.

Tom




PatrickPinto -> RE: Discussion about part 3 of article on publishing TSAC sites (10.Mar.2006 11:02:28 PM)

Sorry Tom, I was messing around. Can you take a look at it now?

Thanks for all your help.




Page: [1] 2   next >   >>