Allow Remote Connection to a PC behind ISA 2004 (Full Version)

All Forums >> [ISA Server 2004 General ] >> Server Publishing



Message


fadi1982 -> Allow Remote Connection to a PC behind ISA 2004 (26.Apr.2007 5:00:30 PM)

Hi,
I want to allow an agent from our company to connect remotly to a server in our network the server is behind ISA and its connecting through secureNAT , what kind of publishing should I do and what kind of protocol should I use, if anyone can give me detailed help  I will be glad.
Thnaks.




elmajdal -> RE: Allow Remote Connection to a PC behind ISA 2004 (26.Apr.2007 5:19:53 PM)

This agent behind ISA server, so he is in your Internal Network ?

your want him to connect to the Internet through ISA OR you want him to control ISA Remotely ?




fadi1982 -> RE: Allow Remote Connection to a PC behind ISA 2004 (27.Apr.2007 11:40:08 AM)

no the agent is outside the country and he want to contect remotly to a sever that it behind ISA server its like that
                           
client------>|       |------->server
                  |       |
                  |ISA |




elmajdal -> RE: Allow Remote Connection to a PC behind ISA 2004 (27.Apr.2007 1:23:04 PM)

You have multiple options :


1- Enable VPN and then this agent connect to the server using RDP or any other tool , http://www.isaserver.org/articles/2004vpnserver.html

2-Using Ultra VNC to connect remotely to this server, check out this : http://elmajdal.net/isaserver/Publishing_ULTRA_VNC_with_ISA_Server_2006.aspx

3-Publish RDP Server,  http://www.isaserver.org/tutorials/Publishing-Remote-Desktop-Web-Connection-Sites-ISA-Firewall-Part3.html


HTH,
Tarek




fadi1982 -> RE: Allow Remote Connection to a PC behind ISA 2004 (30.Apr.2007 5:31:14 PM)

well it worked what I did is :

1-I went to system policy in ISA and configured the "Allow remote management from selected computers using Terminal Server" rule to allow remote connection from the angent ip to the localhost which is ISA server then

2-in the isa server I configured  the network adapter  in the terminal services administration tool (rdp-tcp properties) to bind to the internal network and not to both external and internal like its th case in the default then

3-I made a server publishing rule that allow TCP inbound connection to the internet server at port 3389





elmajdal -> RE: Allow Remote Connection to a PC behind ISA 2004 (1.May2007 2:07:49 AM)

quote:

1-I went to system policy in ISA and configured the "Allow remote management from selected computers using Terminal Server" rule to allow remote connection from the angent ip to the localhost which is ISA server then

Why do u need that ??
You Said the Agent is not going to Control ISA Server Itself, but a Server behind it in the Internal Network ??


quote:

  2-in the isa server I configured  the network adapter  in the terminal services administration tool (rdp-tcp properties) to bind to the internal network and not to both external and internal like its th case in the default then

and this for ISA Server RDP Itself !




fadi1982 -> RE: Allow Remote Connection to a PC behind ISA 2004 (1.May2007 5:59:55 PM)

quote:

Why do u need that ??
You Said the Agent is not going to Control ISA Server Itself, but a Server behind it in the Internal Network ??

yea but  when you configure this in system policy it wont connect to isa server it will just use the isa server to get routed to the server you already published by making firewall access rule that allow TCP inbound connection to this server, and the routing cant be done unless you point to the internal network in the Terminal sevices (RDP-TCP) of the ISA server.
When the client connect to my external ip via RDP he is directly getting routed to the internal server, thats whats happening.





Page: [1]