• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

rdp outbound from internal to perimeter net

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> rdp outbound from internal to perimeter net Page: [1]
Login
Message << Older Topic   Newer Topic >>
rdp outbound from internal to perimeter net - 12.Feb.2004 4:49:00 PM   
acorrea

 

Posts: 2
Joined: 12.Feb.2004
Status: offline
I have a three legged template.. 1 internal and two perimeter networks..... I want to connect via rdp to a ts server in one of the perimeter based on user credentials in the AD.. So I have a rule that says internal-external(really perimeter) rdp protocol for user a.. Thinking this should work however it does not. The same rule that I setup denies 3389 outbound...

Any thoughts..

tks
angelo
Post #: 1
RE: rdp outbound from internal to perimeter net - 13.Feb.2004 4:29:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Angelo,

Have you created a routing rule between the two networks?

Thanks!
Tom

(in reply to acorrea)
Post #: 2
RE: rdp outbound from internal to perimeter net - 13.Feb.2004 9:50:00 PM   
penrose.l@2college.nl

 

Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
hi ,

by default , users connecting to ISA are NOT ( ! ) authenticated. They are secureNAT clients ( or web proxies ). You need to install Firewall client on your workstation in order to be identified by the isa server. Once you're identified , the ISA server will allow the packetrule and you can RDP to server.
Check this in the monitoring tab of ISA.

Kind regards,
Lex Penrose

(in reply to acorrea)
Post #: 3
RE: rdp outbound from internal to perimeter net - 17.Feb.2004 4:42:00 PM   
acorrea

 

Posts: 2
Joined: 12.Feb.2004
Status: offline
Okay so if this only works for Proxy clients then (forgive the dumb question) how do I deny access for securenat or is there a way to auth the user prior to going out...

(in reply to acorrea)
Post #: 4
RE: rdp outbound from internal to perimeter net - 17.Feb.2004 8:35:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi A,

You can create a network set that includes the IP addresses of the hosts you want to control. Then use that in your "From" rule. However, for true security, you always need a client piece that sends credentials to the firewall. No firewall can authetnicate a user without a client piece. You should install the Firewall client software and configure the browsers as Web Proxy clients.

HTH,
Tom

(in reply to acorrea)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> rdp outbound from internal to perimeter net Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts