There is no "admin mode TS" in W2K3. They took the "allow remote connections" from XP and used that instead. All TS for W2K3 is "app mode". Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Sun, 28 Sep 2003 16:30:39 +0100 "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: http://www.ISAserver.org Hi Tom What's the difference between RDS and TS in admin mode in w2k3? Steve -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Sunday, September 28, 2003 12:06 PM To: Isa Weblist http://www.ISAserver.org Hi Darryl, It looks like socket pooling, but its not. Its just that the default setting for the terminal services in Win2k is to listen on all interfaces. For Win2003, most people won't be using terminal services on the firewall (at least I hope not), but they will be use remote desktop services to manage the firewall. That is where the problem lies. There is no information available on how to disable the listening on all interfaces issue with the remote desktop services. There is no management interface that allows you to change the NIC the remote desktop service listens on. Therefore, the solution is to create a packet filter for TCP 3389 inbound and limit access to that packet filter to a select number of IP addresses. Then RDP to an internal host from the firewall machine itself. I'm sure there's a Registry setting somewhere that allows you to bind the remote desktop services RDP server to the internal NIC, I just haven't got around to looking for it yet :-) HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Darryl Janetzki [mailto:darrylj@xxxxxxxxxxxxxxxx] Sent: Saturday, September 27, 2003 9:50 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Publishing Remote Desktop with W2k3 ISA http://www.ISAserver.org I found that I could not publish an internal TS with this set. I had to set the RDP port to the internal interface on the ISA server using the Terminal services configuration tool. Is this part of the problem with socket pooling? Has any one created a script to remove all protocols from socket pooling on the external interface. Web, FTP and CITRIX rules are OK Thanks Darryl Janetzki ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient named above. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum IT Solutions disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum IT Solutions or its subsidiaries or affiliates. administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^* All mail from this domain is virus-scanned with RAV. www.ravantivirus.com ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*