RE: Securing Remote access for RDP (Terminal Services)
- From: "Raji Arulambalam" <RajiA@xxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 22 Nov 2005 12:55:22 +1300
Thanks guys.
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Tuesday, 22 November 2005 11:41 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Securing Remote access for RDP
> (Terminal Services)
>
> http://www.ISAserver.org
>
> To be specific, one can indeed use SSL for RDP connections.
> Win2k3 allows specifying certificate-based TLS authentication
> at the server by installing a valid cert, specifying SSL as
> the security layer, and then choosing what encryption level
> you want, all the way to 140 bit FIPS as described in
> KB895433. But this, as you pointed out, has nothing to do
> with ISA other than publishing RDP.
>
> t
>
> ----- Original Message -----
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Monday, November 21, 2005 1:42 PM
> Subject: [isalist] RE: Securing Remote access for RDP
> (Terminal Services)
>
>
> http://www.ISAserver.org
>
> Hi Raji,
>
> There's nothing on the site for that specific scenario for ISA Server
> 2004 at this time, but if you are interested in the certificate
> deployment, you can use any of the OWA or SSL publishing
> articles. I was
> trying to think of what to write tonight and I was going to
> do something
> on SSL (secure) publishing, so maybe I can't wrap this
> scenario into the
> article.
>
> Keep in mind that the RDP connection isn't an SSL connection.
> That is to
> say, this is not an RDP/HTTP scenario. The SSL connection is
> only to the
> log on page, but the RDP connection is RDP from end to end.
>
> HTH,
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
> > -----Original Message-----
> > From: Raji Arulambalam [mailto:RajiA@xxxxxxxxxxxxxx]
> > Sent: Monday, November 21, 2005 3:24 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Securing Remote access for RDP (Terminal
> Services)
> >
> > http://www.ISAserver.org
> >
> > Hi
> >
> > My management wants me to secure remote access from the
> > Internet to our
> > published Terminal Server by using server certificates. We
> > use both the
> > TSAC web client and the RDP client on XP machines to
> connect. All this
> > through ISA server 2000. This was setup following Tom's
> > article back in
> > 2001.
> >
> > Any help on how to configure certificates to work with ISA
> server? Or
> > where to look.
> >
> > Thanks
> >
> > Email disclaimer: This email and any attachments are
> > confidential. If you are not the intended recipient, do not
> > copy, disclose or use the contents in any way. If you receive
> > this message in error, please let us know by return email and
> > then destroy the message. Environment Bay of Plenty is not
> > responsible for any changes made to this message and/or any
> > attachments after sending.
> > ******************************************************
> > This e-mail has been checked for viruses and no viruses
> were detected.
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: rajia@xxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> **********************************************************************
> This e-mail message has been swept for content and viruses.
> No viruses were detected.
> Contact the Helpdesk on extension 9CIS (9247) for
> assistance, if required.
>
Email disclaimer: This email and any attachments are confidential. If you are
not the intended recipient, do not copy, disclose or use the contents in any
way. If you receive this message in error, please let us know by return email
and then destroy the message. Environment Bay of Plenty is not responsible for
any changes made to this message and/or any attachments after sending.
******************************************************
This e-mail has been checked for viruses and no viruses were detected.
Other related posts:
