Windows Server 2008 R2 Thread, Remote Desktop Services - RDWeb Internet access in Technical; Ive got Remote Desktop Services set up! At least it works via https://tsk-sr-001.tillskills.local/rdweb from inside the LAN but not from ...
18th March 2012, 02:58 PM #1
Remote Desktop Services - RDWeb Internet access
Ive got Remote Desktop Services set up! At least it works via https://tsk-sr-001.tillskills.local/rdweb from inside the LAN but not from elsewhere on the Internet. I just get page cannot be displayed and suchlike instead! I think Ive successfully added TCP 3389 and 443 to the BT Router. I can see what I think is the servers public IP 22.214.171.124 and I can ping that from my home pc. So do I need to buy a domain for this to work? I mean how do I know that tsk-sr-001.tillskills.local doesnt exist elsewhere on the Internet?
19th March 2012, 12:47 PM #2
Have you setup a gateway server?, if not, its best to.
19th March 2012, 02:13 PM #3
Hi there. Possibly not? Its a single server network. All of the RDS components as well as DNS and DHCP are on the one server. Is what youre referring to a setting, role or feature that I can set up on this server? There wil be less than five people using the RDS.
19th March 2012, 02:49 PM #4
I hope you have done your security homework, as now you have published your public IP internal server/domain name and the fact that Port 3389 is open to the world
TSGrinder here we come...
If you must use pure RDP over the web you had better know your stuff especially in the light of last weeks disclosure Microsoft Security Bulletin MS12-020 - Critical : Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
Once your IP is on a trolls list it's a case of batten down the hatches and all hands to the pumps...
Thanks to m25man from:
ReverentCreature (20th March 2012)
19th March 2012, 07:07 PM #5
This is the link you require without a public DNS name. You will need to buy one if you wan a DNS name instead of a IP address which is cheap.
tsk-sr-001.tillskills.local - You will not be able to use externall because this is not a vaild external DNS name, yor need oneending with something like .com or co.uk .net etc
I checked the link, it is working!
Last edited by pritchardavid; 19th March 2012 at 07:10 PM.
Thanks to pritchardavid from:
ReverentCreature (20th March 2012)
20th March 2012, 11:10 AM #6
Thanks for the heads up Geoff! That update should come in automatically as automatic updates is on, correct? I think I need to brush up on my security homework yes. Ive always worked at an RM school so I put on the updates they send out and havent had to deal with updates myself before!
Originally Posted by m25man
20th March 2012, 11:22 AM #7
This is why VPN solutions are better and more secure. Alternatively, you can change the port 3389 to something else.
And as above, you should install that update immediately! This is why WSUS is useful as the million and one workstations I manage automatically receive the update and it reports back too.
20th March 2012, 12:04 PM #8
You should get your LEA/whoever looks after your DNS to point a host recoard (e.g. rds.company.co.uk or rds.schoolname.leaname.sch.uk) at your IP address - make sure your certificates on your server have been setup to accept requests on that DNS name as well.
So basicly you shouldn't be using a .local DNS name
Following on from what others have said you should look at putting your RDS server behind TMG/UAG for security.
21st March 2012, 03:58 PM #9
Thanks guys. RDS comes with a RD Gateway. Is the TS_CAP and TS_RAP that Ive created not enough security?
By Ben_Stanton in forum Virtual Learning Platforms
Last Post: 11th June 2010, 01:35 PM
By ginge in forum Thin Client and Virtual Machines
Last Post: 27th May 2010, 09:44 AM
By mmoseley in forum Windows Server 2008 R2
Last Post: 15th March 2010, 08:31 AM
By HMCTech in forum Windows Server 2008 R2
Last Post: 14th January 2010, 02:40 PM
By HMCTech in forum Licensing Questions
Last Post: 4th November 2009, 10:49 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)