TS Gateway

I've got a Virtual Server on the go to test some of the new functionality of Server 2008 for the transition exam, and came across TS Gateway. At first it seemed impressive, but then I thought, "hang on a minute, can't I just open port 3389 on the router and point to a specified Server?" I wouldn't let people RDP to my DC, but to a member Server would be fine, then with the correct credentials, across to any other DC or Servers I allow them to RDP to. From what I can see, TS Gateway just makes use of SSL 443 which is already open on most routers?

Comments

  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    It makes use of HTTPS like you said, but it's more than just access to the one server. Using the 6.x version of the RDP client you give it the address of the TS Gateway on the Advanced tab and enter all the other credentials/servername as normal and it proxies the connection through the TS Gateway server directly to the server you are trying to connect to. The other computer sees the traffic as coming from the TS Gateway so you don't have to relax security, etc. to use it.

    I use it at home so I can remotely connect to my ESX environment from anywhere in the world without RDPing into something first.
  • mr2nutmr2nut Member Posts: 269
    astorrs wrote: »
    It makes use of HTTPS like you said, but it's more than just access to the one server. Using the 6.x version of the RDP client you give it the address of the TS Gateway on the Advanced tab and enter all the other credentials/servername as normal and it proxies the connection through the TS Gateway server directly to the server you are trying to connect to. The other computer sees the traffic as coming from the TS Gateway so you don't have to relax security, etc. to use it.

    I use it at home so I can remotely connect to my ESX environment from anywhere in the world without RDPing into something first.

    Ahhh, I get the use for it now. For example, if I set up a port in my router to point port 3389 at a specific Server, you then can't create another rule to point the same port at another Server (obviously!) So RDP 6 essentially gives you a 'gateway' Server (as per the name) and then the front page of RDP to type the local IP/hostname of the Server you need.

    Fair does, think i'll have to set this up tomorrow. Cheers for that icon_smile.gif
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    mr2nut wrote: »
    Ahhh, I get the use for it now. For example, if I set up a port in my router to point port 3389 at a specific Server, you then can't create another rule to point the same port at another Server (obviously!) So RDP 6 essentially gives you a 'gateway' Server (as per the name) and then the front page of RDP to type the local IP/hostname of the Server you need.

    Fair does, think i'll have to set this up tomorrow. Cheers for that icon_smile.gif
    No problem, I have a few pointers I can fwd you on setup if you get stuck.
  • mr2nutmr2nut Member Posts: 269
    Ive got it installed fine and working on the lan but he you could forward that info on to take a look at anyway id appreciate it man.
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    mr2nut wrote: »
    Ive got it installed fine and working on the lan but he you could forward that info on to take a look at anyway id appreciate it man.
    If you've got it working and certificates issued, etc you should be fine. There were a few blog posts/articles I had saved that covered setup/config (which you seem to be past).
  • mr2nutmr2nut Member Posts: 269
    astorrs wrote: »
    If you've got it working and certificates issued, etc you should be fine. There were a few blog posts/articles I had saved that covered setup/config (which you seem to be past).

    I've got it working internally but i'm guessing it won't use certs at this point. Need to try it externally. I did install CA and create a key in the installation so hopefully it should work fine.
Sign In or Register to comment.