RE: ISA server cannot connect to Internet
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 17 Sep 2003 18:31:13 -0500
Hi Glenn,
Terminal services, by default, listens on all interfaces. If packet
filtering is enabled, then the external interface won't accept incoming
RDP connection requests. However, if you publish terminal services, then
you need to configure the TS to listen only on the internal interface.
In that case, there is no mechanism that I'm aware of that allows you to
control what IP address can connect; however, that's a none issue
because you have to authenticate to connect.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Glenn Maks [mailto:gmaks@xxxxxxxxx]
Sent: Wednesday, September 17, 2003 7:46 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA server cannot connect to Internet
http://www.ISAserver.org
I would not be so quick to bash Terminal Services in
Administration mode on a Microsoft ISA server, as a matter of fact
Microsoft suggests this as a means for remote administration of the ISA
server if your ISA server is installed as a stand a lone server outside
of a Active Directory Domain. To put your worries to rest, Terminal
Services
installed on a ISA Server will answer only from a Internal
Interface, NOT the public interface, in addition, there are ways to
allow and deny by specific IP addresses, which will further secure
attempted access if people discover that Terminal Services are running.
Speaking for myself I know I would NOT want to drive into work at 1:00
AM if I got a service call and had to look at the ISA server to resolve
the problem ... think about it.
Other related posts:
