RE: Sonicwall Pro 3060 / ISA 2004 / Remote Desktop Query

  • From: "Julian Wilkinson" <jules@xxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 8 Aug 2005 23:36:49 +0100

Will do that for you tomorrow morning (the logs) - The last time I checked
the RDP packets were just getting dropped. (I don't recall any more specific
information from that).

The IP ranges - 
Sonicwall 212.219.123.7 WAN interface.
Going to ISA 2004 on 212.219.123.4 (Both class C's) (and also various other
IP address' for the published webservers and also Remote Desktop machines)
Then going to a 10.10.0.2 on the internal (on a class B subnet)
Various machines being on 10.10.1.x 
I've published the machines to specific 212.219.123.x IP's (we have a full
class C for our disposal).

Nothing fruity with the ports as of yet! Just standard 3389.

Anything else? Or more specifics??

Cheers

Jules

(BTW - Is every one else getting 2 copies of every email?)

-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] 
Sent: 08 August 2005 22:41
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Sonicwall Pro 3060 / ISA 2004 / Remote Desktop Query

http://www.ISAserver.org

So if you run the logs on the sonicwall and on the ISA server, can you
see where the incoming rdp connection breaks. Van we have a breakdown of
the ip ranges on the sonicwall and isa interfaces.. 

-----Original Message-----
From: Julian Wilkinson [mailto:jules@xxxxxxxxxxxxxx] 
Sent: Tuesday, August 09, 2005 3:54 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Sonicwall Pro 3060 / ISA 2004 / Remote Desktop Query

http://www.ISAserver.org

Hello, 

I've just been tasked with setting up my works firewall setup...

However, all is going mostly swimmingly - But I've hit a stumbling
block.

We have a requirement for Remote Desktop access for some users from the
outside in - and I can't get it to bridge across the two firewalls.

The setup is that the Sonicwall is on the outside edge, and the ISA
server plugged into the WAN port of the Sonicwall.

ISA is doing some access rules, website publishing and proxying, the
Sonicwall content filtering and provision of a DMZ (and usual edge
firewall duties).

I can't seem to get the Remote Desktop connection to bridge over the two
servers.

I can get Remote Desktop in "over the edge" or through ISA server
publishing, but I can't get a connection from the outside to jump both
hurdles.

Has anyone done this? Can this be done?

I know there is a connection being made as I get a connection error of
"The Client could not establish a connection to the remote computer The
most likely causes for this error are :
1) Remote connections might not be enabled at the remote computer
(They
are - I've tested it from the "space between" the Sonicwall and ISA)
2) The maximum number of connections was exceeded at the remote computer
(not true)
3) A network error occurred while establishing the connection"  (True -
At a
guess!)

The interesting side effect of this is that I have to soft restart the
sonicwall after this before it will then accept further Remote Desktop
connections even to the perimeter.

So -
Anything I am doing wrong? Anything I am missing? 

(And I'll get on to my issue of Exchange front end / back ends and the
same setup later, but I'm getting in the ear / neck too much with this
problem
first!)

Help!

Cheers

Jules W.



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jules@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx




Other related posts: