RE: Publishing terminal services behind ISA/VPN

• From: "Marvin Cummings" <marvc@xxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 7 May 2004 01:20:19 -0400

Yes. I'd like access to any particular host upon establishing a VPN
connection using the most secure method. I'm using static IP's on the
external interface with one for web and one for mail and I could add one
more for remote access.
If I add another static IP to the external interface I'm assuming I type
that to gain access to RDP. If this is correct how do I make it secure?
Do or can I request a certificate for this IP? What about terminal
services, do I still need to configure that port? I think I saw it
written and diagramed where ISA - VPN - TS - LAN. Can you point me to a
source, link or online doc explaining this? 

Thanks

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Friday, May 07, 2004 12:33 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Publishing terminal services behind ISA/VPN

http://www.ISAserver.org

You should always use static IPs on the ISA external interface whenever
possible.
Since Windows RDP is already encrypted, you really only add overhead
with a VPN channel.

If you want direct access to the internal hosts, use a VPN channel; if
you only need console access, leave it to RDP.

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Thu, 6 May 2004 17:45:03 -0400
 "Marvin Cummings" <marvc@xxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

Isn't all of this possible via a secured connection to the ISA/VPN
server and then to terminal services? I too want to be able to access my
internal network remotely and I'm hoping to do it this way instead of
adding a ton of 3rd party apps to the server. 

Also is it also possible or wise to assign a static IP to the external
interface of the ISA and connect to the ISA/VPN/TS server?

 

Thanks 

 

________________________________

From: Greg Mulholland [mailto:gregstelatel@xxxxxxxxxxx] 
Sent: Wednesday, May 05, 2004 8:44 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Publishing terminal services behind ISA/VPN

 

http://www.ISAserver.org

 

Joseph

 

I winscp is my MVT (most valuable tool) atm, occassionally i have run a
windows ssh server on my isa so i can use ssh from the outside. You can
also port stuff over ssh which is lovely and secure, things like VNC and
stuff.

 

http://winscp.sourceforge.net/eng/ - winscp 

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html -- putty
ssh client

http://www.bitvise.com/winsshd.html -- ssh server for windows

 

Greg Mulholland
Stelatel Communications
Unit 3 641-643 Centre Rd
Bentleigh East, VIC
Phone: (03) 9576-5699
Fax:   (03) 9576-5899
gregstelatel@xxxxxxxxxxx
www.stelatel.com

  

 

 

________________________________

From: cismic [mailto:cismic@xxxxxxx] 
Sent: Thursday, 6 May 2004 9:09 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Publishing terminal services behind ISA/VPN

http://www.ISAserver.org

Hi Thomas,

I guess I could use FTP to post the new pages. And then create a special
*.aspx page that I can use to compile the new site pages.  Isnt' SSH
more for the unix world?  I was just searching for a windows version of
SSH.

I find that back to back processes although more secure are a little
harder to get working the way I want.

 

Thank you,

Joseph

        ----- Original Message ----- 

        From: Thomas W Shinder <mailto:tshinder@xxxxxxxxxxx>  

        To: [ISAserver.org Discussion List]
<mailto:isalist@xxxxxxxxxxxxx>  

        Sent: Wednesday, May 05, 2004 3:59 PM

        Subject: [isalist] RE: Publishing terminal services behind
ISA/VPN

         

        http://www.ISAserver.org

        Hi Joseph,

         

        How about FTP or SSH? I prefer not to run TS on a public access
box, esp. one that allows anonymous public access.

         

        HTH,

        Tom

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
marvc@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub') 



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
marvc@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

Other related posts:

• » Publishing terminal services behind ISA/VPN
• » Re: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN
• » RE: Publishing terminal services behind ISA/VPN

1. Home
2. isalist
3. Archive
4. 05-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---