HOW TO: Accessing a Terminal Server when the client is behind a proxy


From: Cláudio Rodrigues (Claudio.Rodrigues_at_NOSPAM-Terminal-Services.NET)
Date: 06/10/04


Date: Thu, 10 Jun 2004 10:17:55 -0400

Hey guys,

Just a quick How-to for you on how to access a Terminal Server in a remote
location when you are behind a proxy server that allows only ports 80 and
443 to the outside.
Note this may violate your company policy for internet usage. You can use
this approach to pretty much bypass the internal proxy and even surf the
internet to any website you want, restricted or not by your company. Again,
use this at your own risk as you may be violating internal policies.

Scenario:
Your computer is behind a firewall and proxy server. Internet Explorer is
set to use a proxy server on port 8080 (can be any other port). No other
ports are allowed outbound, which means you cannot connect to any TS in the
outside world on port 3389.

Tools you will need:
Desproxy: http://desproxy.sourceforge.net/ (no installation is needed.
Simply copy the executables to let's say a USB drive so you do not leave
any trace on the PC you will use. :-)).

Java RDP Client: this is needed if you cannot use 2 PCs at work. The idea is
to get your PC listening on a certain port (let's say 3390) and to use
another PC to connect to it on 3390. Your PC will then forward all traffic
to the remote TS through your proxy. Of course you can use one PC only. The
issue is the Microsoft RDP Client is NOT smart enough and when you try to
connect to the local PC (127.0.0.1) on port 3390 it complains saying you
cannot connect to your own PC... I guess they did not account for this
scenario. Anyhow, the link for a web based Java RDP client is
http://www.hob.de/webapps/JTerm33/www/normaltest_J1.html.
Just set up a connection to your local PC (127.0.0.1) on port 3390 (in this
example).
If you have a second PC simply launch the Microsoft RDP client and connect
to Your_First_PC_IP_address:3390.

The terminal server on the remote network (the one you want to access) must
be listening on port TCP 443 (and not 3389). If you want to leave the TS on
port 3389 or if you need to access a cluster of Terminal Servers, use
WTSGateway or WTSGateway Pro from http://www.terminal-services.net and
configure these products to listen on port 443 (your TSs can remain on 3389
in this case).

Now simply create a batch file that will launch Desproxy:
DESPROXY YOUR_TS_IP_Address Port_TS_IS_USING PROXY_SERVER_IP PROXY_SERVER_PORT Local_PC_Port
Something like:
Desproxy 64.60.123.124 443 proxywww 8080 3390
This will make your PC listen on port 3390. All connections on this port
will be redirected to the IP 64.60.123.124 through your company proxy named
proxywww (you can use the IP instead) that uses port 8080 for incoming
connections.

Note I do not support/endorse such procedures and I clearly state you are
using it at your own risk and you may be violating your company policies.
But if you do need to connect to machines using the RDP protocol and you are
limited by a proxy server, this is the way to go.

-- 
Cláudio Rodrigues
Microsoft MVP
Windows Technologies - Terminal Services
http://www.terminal-services.net
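
For whoever runs the proxy: the sketch below is an added example, not part of the original post or of any tool it names. It shows how a tunnel like the one described (an HTTP CONNECT to port 443 carrying RDP instead of TLS) can be recognised from the first client bytes. It assumes an inspecting proxy or IDS can supply those bytes; the function names and the sample records are constructed for illustration.

```python
import ipaddress
import struct

def classify_first_bytes(payload: bytes) -> str:
    """Classify the first client bytes seen inside a CONNECT tunnel."""
    if len(payload) < 6:
        return "unknown"
    # TLS record: type 0x16 (handshake), major version 3, handshake type 1 (ClientHello)
    if payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    # RDP starts with TPKT (version 3, reserved 0, 16-bit length) followed by
    # an X.224 Connection Request, whose code byte has the high nibble 0xE
    if payload[0] == 0x03 and payload[1] == 0x00:
        (length,) = struct.unpack(">H", payload[2:4])
        if length >= 11 and (payload[5] & 0xF0) == 0xE0:
            return "rdp"
    return "unknown"

def review_connect(target: str, first_bytes: bytes) -> list:
    """Return findings for one CONNECT request given as 'host:port'."""
    host, _, port = target.rpartition(":")
    findings = []
    try:
        # A bare IP address as CONNECT target is unusual for browser traffic
        ipaddress.ip_address(host.strip("[]"))
        findings.append("ip-literal-destination")
    except ValueError:
        pass
    proto = classify_first_bytes(first_bytes)
    if port == "443" and proto != "tls":
        findings.append("non-tls-on-443:" + proto)
    return findings

# Constructed sample records: (CONNECT target, first bytes sent by the client)
SAMPLES = [
    ("203.0.113.10:443",
     bytes.fromhex("03 00 00 13 0e e0 00 00 00 00 00 01 00 08 00 03 00 00 00")),
    ("www.example.com:443",
     bytes.fromhex("16 03 01 00 05 01 00 00 01 00")),
]

def run_samples() -> dict:
    return {target: review_connect(target, data) for target, data in SAMPLES}

if __name__ == "__main__":
    for target, findings in run_samples().items():
        print(target, findings or "ok")
```

A proxy that only permits CONNECT to 443 but never looks at what follows cannot make this distinction, which is why the setup in the post works.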

