And you've now re-invented Remote Web Workplace, available in SBS 2003 and EBS/SBS 2008...
________________________________________ From: mikeMitchell [its.m...@analogy.ca] Sent: Wednesday, July 01, 2009 2:34 PM To: NT System Admin Issues Subject: RE: Terminal Services question I set up a TS Gateway running on 2k8. It listens on 443, so that was the only port that needs to be open. It acts as a go-between, connecting inbound mstsc traffic on 443 to 3389 on the inside server. There a fair bit of texture allowing for allow/deny based on AD groups. So, from some external location I launch mstsc, where I supply the ts gateway name and a(n internal) machine name... and presto worko. One customer site wrapped a cool webby front end on it... it gets the username, looks up their workstation and sends them on their way. They get their work desktop from home over 443. -----Original Message----- From: Charlie Kaiser [mailto:charl...@golden-eagle.org] Sent: Wednesday, July 01, 2009 11:11 am To: NT System Admin Issues Subject: RE: Terminal Services question Set up a VPN and allow RDP to their desktops. Keep them off the server, unless you want to set up a dedicated TS for client access. While you can allow RDP through your firewall, you're opening up some pretty big holes for people to bang on if you do. You can lock down specific ports/IPs to your users' local IP addys, but that's way more management than you want. Even a basic MS VPN will be much more manageable (remote access group, manage remote access via GP) than trying to allow direct RDP without opening up your network. The level of VPN config you set up will depend on your security requirements. If you work the VPN right, you can allow only approved computers to connect, if that's your desire. *********************** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *********************** > -----Original Message----- > From: Joe Heaton [mailto:jhea...@etp.ca.gov] > Sent: Wednesday, July 01, 2009 10:09 AM > To: NT System Admin Issues > Subject: Terminal Services question > > I need a nuts and bolts answer, which I could probably get > through research, but I'm getting kind of burnt out at the > moment with other things going on. > > > > If I am at home, and I need to access my network through > Terminal Server, is it as simple as opening up mstsc.exe and > putting in the IP address of the Terminal Server, then > putting in my credentials? Does this then open an RDP > session to the desktop of the Terminal Server? I don't think > I want users to be working on the server, so how do I then > give them the environment I want them to work in? > > > > I'm still working on my "pandemic", everyone has to work from > home solution, but I'm also trying to figure out the best > method of giving remote access in general. I do have Citrix > PS4 in place, but the number of licenses are limited, and I > know that TS licenses are not for concurrent use, so I really > need to get the backend requirements nailed down. Also, I am > looking at more of a desktop experience for the users, as if > they were sitting at their desks, as opposed to publishing > applications only. > > > > Joe Heaton > > AISA > > Employment Training Panel > > 1100 J Street, 4th Floor > > Sacramento, CA 95814 > > (916) 327-5276 > > jhea...@etp.ca.gov > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
