+ Post New Thread
Results 1 to 9 of 9
Windows Server 2008 R2 Thread, Remote Desktop Services - RDWeb Internet access in Technical; Ive got Remote Desktop Services set up! At least it works via https://tsk-sr-001.tillskills.local/rdweb from inside the LAN but not from ...
  1. #1
    ReverentCreature's Avatar
    Join Date
    Apr 2007
    Location
    Kent, UK
    Posts
    83
    Thank Post
    4
    Thanked 6 Times in 5 Posts
    Rep Power
    16

    Remote Desktop Services - RDWeb Internet access

    Ive got Remote Desktop Services set up! At least it works via https://tsk-sr-001.tillskills.local/rdweb from inside the LAN but not from elsewhere on the Internet. I just get page cannot be displayed and suchlike instead! I think Ive successfully added TCP 3389 and 443 to the BT Router. I can see what I think is the servers public IP 86.149.1.141 and I can ping that from my home pc. So do I need to buy a domain for this to work? I mean how do I know that tsk-sr-001.tillskills.local doesnt exist elsewhere on the Internet?

  2. #2
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    25
    Have you setup a gateway server?, if not, its best to.

  3. #3
    ReverentCreature's Avatar
    Join Date
    Apr 2007
    Location
    Kent, UK
    Posts
    83
    Thank Post
    4
    Thanked 6 Times in 5 Posts
    Rep Power
    16
    Hi there. Possibly not? Its a single server network. All of the RDS components as well as DNS and DHCP are on the one server. Is what youre referring to a setting, role or feature that I can set up on this server? There wil be less than five people using the RDS.

  4. #4

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,608
    Thank Post
    49
    Thanked 444 Times in 330 Posts
    Rep Power
    136
    I hope you have done your security homework, as now you have published your public IP internal server/domain name and the fact that Port 3389 is open to the world
    TSGrinder here we come...

    If you must use pure RDP over the web you had better know your stuff especially in the light of last weeks disclosure Microsoft Security Bulletin MS12-020 - Critical : Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
    Once your IP is on a trolls list it's a case of batten down the hatches and all hands to the pumps...

  5. Thanks to m25man from:

    ReverentCreature (20th March 2012)

  6. #5
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    25
    This is the link you require without a public DNS name. You will need to buy one if you wan a DNS name instead of a IP address which is cheap.

    tsk-sr-001.tillskills.local - You will not be able to use externall because this is not a vaild external DNS name, yor need oneending with something like .com or co.uk .net etc

    https://86.149.1.141/RDWeb/

    I checked the link, it is working!
    Last edited by pritchardavid; 19th March 2012 at 07:10 PM.

  7. Thanks to pritchardavid from:

    ReverentCreature (20th March 2012)

  8. #6
    ReverentCreature's Avatar
    Join Date
    Apr 2007
    Location
    Kent, UK
    Posts
    83
    Thank Post
    4
    Thanked 6 Times in 5 Posts
    Rep Power
    16
    Quote Originally Posted by m25man View Post
    If you must use pure RDP over the web you had better know your stuff especially in the light of last weeks disclosure Microsoft Security Bulletin MS12-020 - Critical : Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) Once your IP is on a trolls list it's a case of batten down the hatches and all hands to the pumps...
    Thanks for the heads up Geoff! That update should come in automatically as automatic updates is on, correct? I think I need to brush up on my security homework yes. Ive always worked at an RM school so I put on the updates they send out and havent had to deal with updates myself before!

  9. #7

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    This is why VPN solutions are better and more secure. Alternatively, you can change the port 3389 to something else.

    And as above, you should install that update immediately! This is why WSUS is useful as the million and one workstations I manage automatically receive the update and it reports back too.

  10. #8
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,145
    Thank Post
    127
    Thanked 326 Times in 275 Posts
    Rep Power
    81
    You should get your LEA/whoever looks after your DNS to point a host recoard (e.g. rds.company.co.uk or rds.schoolname.leaname.sch.uk) at your IP address - make sure your certificates on your server have been setup to accept requests on that DNS name as well.

    So basicly you shouldn't be using a .local DNS name

    Following on from what others have said you should look at putting your RDS server behind TMG/UAG for security.

  11. #9
    ReverentCreature's Avatar
    Join Date
    Apr 2007
    Location
    Kent, UK
    Posts
    83
    Thank Post
    4
    Thanked 6 Times in 5 Posts
    Rep Power
    16
    Thanks guys. RDS comes with a RD Gateway. Is the TS_CAP and TS_RAP that Ive created not enough security?

SHARE:
+ Post New Thread

Similar Threads

  1. Now BECTA has gone, do we NEED to have a VLE? Remote Desktop Services instead?
    By Ben_Stanton in forum Virtual Learning Platforms
    Replies: 11
    Last Post: 11th June 2010, 01:35 PM
  2. Remote Desktop Services - SSO Problems
    By ginge in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 27th May 2010, 09:44 AM
  3. Remote Desktop Services - Mandatory Profiles
    By mmoseley in forum Windows Server 2008 R2
    Replies: 4
    Last Post: 15th March 2010, 08:31 AM
  4. Remote desktop setup for external access
    By HMCTech in forum Windows Server 2008 R2
    Replies: 3
    Last Post: 14th January 2010, 02:40 PM
  5. [Windows Software] Server 2008 R2 Remote Desktop Services
    By HMCTech in forum Licensing Questions
    Replies: 1
    Last Post: 4th November 2009, 10:49 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •