Re: SBS2003, Terminal server and Mobile 6
- From: v-mzhuan@xxxxxxxxxxxxxxxxxxxx (Manfred Zhuang [MSFT])
- Date: Tue, 21 Aug 2007 11:55:09 GMT
Hello Isaac,
Thank you for posting here. Also thanks to Les for input.
From your post, I understand that you would like to know how to publish3389 port on the internal clients out to the Internet . Please follow the
steps below:
Note that the methods are different for SBS 2K3 Standard (which utilizes
RRAS as Firewall) and SBS 2K3 Premium (with ISA):
For ISA, in order for a custom protocol to be considered a "Server"
protocol, its definition must begin with an inbound connection:
SBS 2K3 already has 3389 outbound protocol definition created so you can
directly go to step 7. Step 1 to 6 are listed for your reference in case
you want to publish a unconfigured protocol.
1. In the ''Policy Elements'' branch of ISA server mmc, right click on
Protocol Definitions and choose "New >", "Definition..."
2. Give the Protocol a name. It is recommended that the last word of the
name be "Server"
3. Next...Enter the destination port number for the custom protocol being
created. For example, for Terminal Server, the port number would be 3389.
4. Choose either TCP or UDP for the Protocol Type as appropriate for the
definition. For example, for Terminal Server, the type would be TCP.
5. For the direction, choose an incoming type direction. For example, if
you chose TCP above, the direction should be inbound. If the type was UDP,
choose either Receive or Receive, Send.
6. Finish defining the protocol using the wizard. It may be necessary to
consult the publisher of the protocol for the specifics such secondary
connections. Many well-known protocols are already predefined or can be
found in RFC''s
7. Once the protocol definition is complete, publish it using "Server
Publishing Rules". Right clisk "Server Publishing Rules" and choose "New
", "Rule...". On the Protocol Setting page of the Wizard, the serverdefinition you created will appear in the drop down box. Simply select the
definition and proceed with completing the wizard.
For SBS 2K3 Standard (without ISA,) we can use RRAS to publish a service on
the private network to the Internet; however, one port can only be used
once, which means it's not possible to publish the same services (utilizes
the same port) on different private computers. And if the service requires
secondary connection, it cannot be published by RRAS:
1. Bring up the ''Routing and Remote Access'' console, and then expand to
''Server name'' '' ''IP Routing'' '' ''NAT/Basic Firewall.''
2. In the right pane, right click ''Network Connection'' to choose
Properties.
3. Switch to the ''Services and Ports'' tab, and then Add the desired
service.
For example, if you want to publish RD on different internal client
computers, you will need to configure them listen on different ports:
''306759 How to Change the Listening Port for Remote Desktop -
http://support.microsoft.com/?id=306759''.
If there's anything unclear, please do not hesitate to let me know.
Best regards,
Manfred Zhuang(MSFT)
Microsoft Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Isaac de Abreu" <askisaac@xxxxxxxxxxxx>
| References: <#1t#caB4HHA.1824@xxxxxxxxxxxxxxxxxxxx>
<E85C8955-0E9F-4964-A6E8-ABB5E919DE69@xxxxxxxxxxxxx>
<#MSmPiJ4HHA.1204@xxxxxxxxxxxxxxxxxxxx>
<AB6C325A-1C0A-4745-80EB-C511C7BD6DBD@xxxxxxxxxxxxx>
| Subject: Re: SBS2003, Terminal server and Mobile 6
| Date: Sat, 18 Aug 2007 00:46:12 +0200
| Lines: 109
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3138
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138
| X-RFC2646: Format=Flowed; Response
| Message-ID: <u39wsBS4HHA.1204@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: dsl-245-16-189.telkomadsl.co.za 41.245.16.189
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP03.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:57373
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi Les
|
| I understand.
|
| Publishing of the TS is not rocket science is it? Do you have any KB or
| other articles on how to go about this?
|
| Many thanks for your input
|
| Cheers
| Isaac de Abreu
|
| Johannesburg - South Africa
|
| "Les Connor [SBS MVP]" <les.connor@xxxxxxxxxxxx> wrote in message
| news:AB6C325A-1C0A-4745-80EB-C511C7BD6DBD@xxxxxxxxxxxxxxxx
| > If you publish it on a port other than 3389, then yes, you'll break RWW
| > access to that machine. But that's not the end of the world, and may be
a
| > good solution.
| >
| > Perhaps it's a matter of majority rules. If you have only a few WM
clients
| > that need access in this way, and far more that would like to use
| > conventional RWW, do the VPN thing for the WM clients and leave RWW
| > intact. If it's the other way around, then abandon RWW, publish the TS
on
| > 3389.
| >
| > You should be able to get some help from the TS newsgroup on the
| > performance questions, sorry I don't have much to offer you there as I
| > don't have a site with over 10 or so TS users.
| >
| > There is overhead with VPN, and I do understand your wanting to avoid
it
| > if possible. Regarding bandwidth and cost, it's a business decision
that
| > only you can make.
| >
| > --
| > Les Connor [SBS MVP]
| >
| >
| > "Isaac de Abreu" <askisaac@xxxxxxxxxxxx> wrote in message
| > news:%23MSmPiJ4HHA.1204@xxxxxxxxxxxxxxxxxxxxxxx
| >> Hi Les
| >>
| >> Thanks for that info. The purpose is not for administration but rather
to
| >> run an application on the TS.
| >>
| >> Pushing on from your suggestion, if I publish the TS on a non standard
| >> port will this render the TS server unavailable to those who currently
| >> use RWW for TS and if not, does this increase the probability of a
more
| >> secure connection (Coming in on a non-standard port)
| >>
| >> I have been told that if you need 40 users to connect to TS over VPN
then
| >> your bandwidth and performance is going to suffer a lot more than if
you
| >> don't use VPN. Please bear in mind that in South Africa bandwidth is
very
| >> expensive and I will probably be trying to squeeze 40 users into a
| >> 384kb/s pipe!!
| >>
| >> Thanks for your advice on this one.
| >>
| >> Cheers
| >> Isaac de Abreu
| >>
| >> PS Does anyone know where you can get statistics concerning bandwidth
| >> utilisation in a TS environment?
| >>
| >>
| >> "Les Connor [SBS MVP]" <les.connor@xxxxxxxxxxxx> wrote in message
| >> news:E85C8955-0E9F-4964-A6E8-ABB5E919DE69@xxxxxxxxxxxxxxxx
| >>> Hi Isaac,
| >>>
| >>> If this is for administrative purposes, you could RDP to the SBS
server,
| >>> then RDP to the TS.
| >>>
| >>> If it's not for that purpose, then I'm afraid you're going to have to
| >>> bypass RWW completely for TS access, and publish it. If you elect to
| >>> publish it on 3389, then you'll be without RDP access to the SBS
(which
| >>> is an inconvenience, but not the end of the world).
| >>>
| >>> As you mention VPN, that is a valid option that would allow you to
leave
| >>> everything else as is.
| >>>
| >>> --
| >>> Les Connor [SBS MVP]
| >>>
| >>>
| >>> "Isaac de Abreu" <askisaac@xxxxxxxxxxxx> wrote in message
| >>> news:%231t%23caB4HHA.1824@xxxxxxxxxxxxxxxxxxxxxxx
| >>>> Hi all
| >>>>
| >>>> I would like to connect to SBS2003 RWW and from there connect to
| >>>> Terminal Server. The challenge is that I want to connect to
Termninal
| >>>> Server using a Mobile 6 device.
| >>>>
| >>>> The obvious problem over here of course, is that you cannot install
| >>>> Active X controls onto a Mobile 6 device. So the question is - Does
| >>>> anyone have any smart ideas on how I can achieve this or is this
even
| >>>> possible?
| >>>>
| >>>> BTW the solution has to include SBS2003 and Terminal but not
| >>>> necessarily RWW and I would prefer not to go through VPN if possible.
| >>>>
| >>>> Isaac
| >>>> Johannesburg - South Africa
| >>>>
| >>>
| >>
| >>
| >
|
|
|
.
- References:
- SBS2003, Terminal server and Mobile 6
- From: Isaac de Abreu
- Re: SBS2003, Terminal server and Mobile 6
- From: Les Connor [SBS MVP]
- Re: SBS2003, Terminal server and Mobile 6
- From: Isaac de Abreu
- Re: SBS2003, Terminal server and Mobile 6
- From: Les Connor [SBS MVP]
- Re: SBS2003, Terminal server and Mobile 6
- From: Isaac de Abreu
- SBS2003, Terminal server and Mobile 6
- Prev by Date: Re: Backup Failing - VERITAS on SBS
- Next by Date: Log-files om C:
- Previous by thread: Re: SBS2003, Terminal server and Mobile 6
- Next by thread: Exchange Server 2003 mail delivery.
- Index(es):
Relevant Pages
|
