Jim, This would make a nice post for the team blog. I doubt that more than a few know that the RDP port can be changed per rule. Amy Babinchak Harbor Computer Services ________________________________ From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Friday, January 26, 2007 9:16 AM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: RDP Issue Policy details are always useful in cases like this; y'no - ISAInfo, ISABPAPack, etc? For instance, "new server publishing rules so that RDP traffic on IP1 goes to the SBS, and RDP traffic on IP2 goes to the TS" sounds like two server publishing rules, since access rules aren't localhost-IP-specific. Since the default SBS policy uses an access rule for SBS-local RDP, he could easily create a policy conflict. From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak Sent: Friday, January 26, 2007 6:15 AM To: isapros@xxxxxxxxxxxxx Subject: [isapros] RDP Issue Got this question and don't know the answer. I've never used this configuration. Any suggestions? Hey Amy - I've got a quick question for you when you get a moment. I have a couple sites where I have a terminal server sitting behind SBS Premium w/ ISA. Ideally what I'd like to do is be able to RDP directly into both the SBS and the TS. I have tried this at our office - binding a second IP to the external nic, and setting up new server publishing rules so that RDP traffic on IP1 goes to the SBS, and RDP traffic on IP2 goes to the TS. This works initially - but always breaks within a few days when all RDP traffic in and out of the SBS stops (even from the LAN). I end up disabling the RDP server publishing rules I created, restarting ISA services and then RDP is back. At this point, I can re-enable the server publishing rules and be good to go for a few more days. I've tried leaving the default RDP access rule enabled (external to localhost), as well as disabling it, and no change. I'm wondering if you have seen something like this, or if you have any tips for getting this to work consistently. Amy Babinchak Harbor Computer Services All mail to and from this domain is GFI-scanned. All mail to and from this domain is GFI-scanned.