• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RDP to isa 2004

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> RDP to isa 2004 Page: [1]
Login
Message << Older Topic   Newer Topic >>
RDP to isa 2004 - 1.Nov.2005 3:15:00 PM   
edmund-edvinsen

 

Posts: 10
Joined: 28.Nov.2004
Status: offline
Hi
I have a problem that I'm unable to solve.

I have one windows 2003 dc with Exchange and a member server (2003) with ISA 2004.

I'm unable to make a rdp connection to the isa server from anywhere.

I have tried to publish the isa server, and of cource i have enabled Remote Management in the Firewall Policy

Any suggestions??

eddie
Post #: 1
RE: RDP to isa 2004 - 1.Nov.2005 3:30:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi eddie,

make sure that System Policy rule number 3 is enabled and that you added the proper Network Entities in the From tab. Of course, I assume you have enabled Remote Desktop in the My Computer System Properties (tab Remote).

HTH,
Stefaan

(in reply to edmund-edvinsen)
Post #: 2
RE: RDP to isa 2004 - 1.Nov.2005 3:38:00 PM   
edmund-edvinsen

 

Posts: 10
Joined: 28.Nov.2004
Status: offline
Hi and thanks for quick response.

System Policy rule 3 is enabled and I have added the whole subnet to the Remote Management computers (also tried to add a singel computer)

Remote Desktop is enabled at the ISA server

eddie

(in reply to edmund-edvinsen)
Post #: 3
RE: RDP to isa 2004 - 1.Nov.2005 3:42:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi eddie,

OK. Then what is the ISA logging telling you?

HTH,
Stefaan

(in reply to edmund-edvinsen)
Post #: 4
RE: RDP to isa 2004 - 1.Nov.2005 3:51:00 PM   
edmund-edvinsen

 

Posts: 10
Joined: 28.Nov.2004
Status: offline
Port 3389 Protocol RDP
Action: Initiated connection - Rule: Allow Remote Management

And right after that;
Closed Connection

eddie

(in reply to edmund-edvinsen)
Post #: 5
RE: RDP to isa 2004 - 1.Nov.2005 4:03:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi eddie,

so it looks that the access is indeed allowed by the ISA server but that there is something wrong with the Remote Desktop settings instead. Do you get a login screen?

What's the Result Code, Error Information in the logging? Also, do you see some Bytes Sent and Bytes Received.

Also, try a telnet to the RDP listener with the following command 'telnet ISA 3389'. The connection should succeed.

HTH,
Stefaan

[ November 01, 2005, 04:04 PM: Message edited by: spouseele ]

(in reply to edmund-edvinsen)
Post #: 6
RE: RDP to isa 2004 - 1.Nov.2005 4:29:00 PM   
edmund-edvinsen

 

Posts: 10
Joined: 28.Nov.2004
Status: offline
Hi Stefaan

In the log I can only see Initiated connection and right after that Closed Connection....

I have tried to Telnet to port 3389 with no result - seems to me that 3389 is not listening?

I can ping the ISA server ( I have allowed ICMP in remote Management)

I have also tried to publish terminal services on the ISA server

eddie

(in reply to edmund-edvinsen)
Post #: 7
RE: RDP to isa 2004 - 1.Nov.2005 4:46:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi eddie,

quote:
In the log I can only see Initiated connection and right after that Closed Connection....
What do you mean by that? Don't you see those fields? If not, add them to the view.

What's the result of the command netstat -ano | find ":3389". It should be something like
code:
  netstat -ano | find ":3389": 
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 2712

HTH,
Stefaan

[ November 01, 2005, 05:56 PM: Message edited by: spouseele ]

(in reply to edmund-edvinsen)
Post #: 8
RE: RDP to isa 2004 - 1.Nov.2005 7:17:00 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
Why and how did you try to publish the ISA server? Is it your intention to access it via RDP from the outside? Did you specify the NICs to listen on in the Terminal Services configuration?

(in reply to edmund-edvinsen)
Post #: 9
RE: RDP to isa 2004 - 2.Nov.2005 4:20:00 PM   
edmund-edvinsen

 

Posts: 10
Joined: 28.Nov.2004
Status: offline
Hi again

In Terminal server Config and RDP-TCP properties all network adapters was selected.
I changed it to the internal adapter and all works fine.

Stefaan:

netstat -ano showed no rdp at port 3389 before I changed the setting.

Thank you both for the help

eddie

(in reply to edmund-edvinsen)
Post #: 10
RE: RDP to isa 2004 - 3.Nov.2005 1:32:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi eddie,

good to hear you have it working and thanks for the follow up! [Smile]

Stefaan

(in reply to edmund-edvinsen)
Post #: 11
RE: RDP to isa 2004 - 14.Nov.2005 5:23:51 PM   
dezaer

 

Posts: 5
Joined: 4.Aug.2004
Status: offline
Hi I had the same probleme thanks for you rhelp !

(in reply to spouseele)
Post #: 12
RE: RDP to isa 2004 - 27.Dec.2005 11:53:24 AM   
markkpa2

 

Posts: 18
Joined: 15.Dec.2005
Status: offline
Mee too had the same problem...very strange problem though ;)
BUT anyway THANX!

(in reply to dezaer)
Post #: 13
RE: RDP to isa 2004 - 7.Feb.2007 7:23:47 PM   
ynguyen

 

Posts: 1
Joined: 7.Feb.2007
Status: offline
I have got the same problem but able to find out why.  It used to work before.

I have:
1. Enabled RDP in the policies.  Accept from my machine (management computer...)
2.Just created a new server publishing rule to publish port 3389 incomng to the internal interface.
3.  My machine in in the from section in the rule
4.  Restarted the service (also the server)


I can ping the machine from my computer.
I can't telnet to the ISA in ternal on port 3389
I enabled the qury the saw, Intiated connect...then closeed connection straight afterward.

This is driving me nut 
 
 
 

(in reply to edmund-edvinsen)
Post #: 14
RE: RDP to isa 2004 - 16.Jun.2009 9:49:33 AM   
bencjedi

 

Posts: 2
Joined: 16.Jun.2009
Status: offline
I just installed my first ISA server (2006) and figured out how to do this. I created a brief 2-page tutorial with screenshots, but this site doesn't allow attachments (?). Anyhow, here is the text of how to do it:

By default you cannot remote into the ISA server. Make these changes to be able to do so:
Create a Firewall Policy Rule to allow RDP (Terminal Services) Server and RDP (Terminal Services).
Set it like this:
To: Internal
From: Internal
all users 
Now click on ‘Edit System Policy’ and go to Remote Management section, then 'Terminal Server' and click the 'From' tab. Add in ‘Internal’ network for 'This rule applies to traffic from these sources'.

On any workstation in your internal network (as specified on the ISA server), you should be able to remote desktop into the ISA server now.

(in reply to edmund-edvinsen)
Post #: 15
RE: RDP to isa 2004 - 16.Jun.2009 1:47:59 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

Never create a rule from Internal to Internal !!

Check this article, you only need to edit a system policy : Administrating ISA Server 2006 Remotely Using MMC and Remote Desktop Connection

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to bencjedi)
Post #: 16
RE: RDP to isa 2004 - 16.Jun.2009 3:35:44 PM   
bencjedi

 

Posts: 2
Joined: 16.Jun.2009
Status: offline
Thank you

(in reply to elmajdal)
Post #: 17
RE: RDP to isa 2004 - 16.Jun.2009 4:40:36 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
You are Welcome.

Thanks,
Tarek

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to bencjedi)
Post #: 18
RE: RDP to isa 2004 - 26.Jul.2010 5:29:54 AM   
AymanOZ

 

Posts: 4
Joined: 12.Sep.2007
Status: offline
THANKS


quote:

ORIGINAL: ynguyen

I have got the same problem but able to find out why.  It used to work before.

I have:
1. Enabled RDP in the policies.  Accept from my machine (management computer...)
2.Just created a new server publishing rule to publish port 3389 incomng to the internal interface.
3.  My machine in in the from section in the rule
4.  Restarted the service (also the server)


I can ping the machine from my computer.
I can't telnet to the ISA in ternal on port 3389
I enabled the qury the saw, Intiated connect...then closeed connection straight afterward.

This is driving me nut 
 
 
 

(in reply to ynguyen)
Post #: 19

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> RDP to isa 2004 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts